Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

CustomerID installs and pre-configures SMS authentication. Separate installation is not required.Configuration - CustomerID – SMS section how to enable it. 

...

To configure the SMS method in Ubisecure SSO:

...

1. Open the Ubisecure Management application.

2. Select Global Method Settings and click the New Method... button.

3. Add New Method window opens.

Give the method a title (external name visible to end users) and name (name for internal use).
Set the title to SMS
Set the name to ubikey.sms.1
Set the method type to SPI Mobile Phone. The Method Class is automatically selected.
A directory must be selected, from which contains the user's password and registered telephone number. Select the Directory from the drop down list.
Press OK.

Expand
titleShow image


Image Modified

Figure 1. Adding a new SMS method to Ubisecure SSO



4. In

...

the Main page of the new method, select the Enabled checkbox to activate the new method.

5. Add the following lines to

...

the Configuration String field:

Code Block
languagetext
policy.password.encoding={SSHA}
policy.password.protocol=UbiloginDirectory
password-name=password.1
directory.schema=UbiloginDirectory

In this example password.1 will be used as the source for username, password and mobile phone number.

Image Modified

...


6. Click SPI Mobile Phone tab.

The SMS method can be configured to make either GET or POST HTTP request. By default, it uses the GET method.

...


The form fields are as follows:

Field nameDescriptionExample
SMS Gateway URL

...

the URL of the SMS servicehttp://sms-service-.

...

com/sms/sendsms?to={mobile}&content={challenge}
API Request Method

HTTP Method:

    • GET (default)
    • POST

BodyBody for the POST request

{"mobile": {mobile}, "challenge": {challenge}}

Basic AuthenticationAuthentication to be used in the request to the SMS service
usernameUsername for the SMS servicetest
passwordPassword for the SMS servicesecret

Remember to provide variables {mobile} and {challenge} either in query parameters or body.
The variable {mobile} will be replaced with the users mobile number from the user directory. The variable {challenge} will be replaced with the text to be displayed on the mobile phone

...

.

...

Click Update.

Note

NOTE: Be sure that the configured HTTP server in URL parameter answers as HTTP status code 200 (The request has succeeded). All other response codes will be interpreted as a failure situation and the SMS authentication will not succeed. Configurable error will be shown to the user.


Image Modified

Figure 2. Defining the SMS Gateway URL for sending an SMS with a GET request


Image Modified

Figure 3. Defining the SMS service configuration for sending an SMS with a POST request.


Note

NOTE: This http address must be reachable from this and any other configured nodes.


7. Configure UI Text and SMS text

The variable {challenge} will be replaced with the text to be displayed on the mobile phone. The message used can be set using the tag SMS_TEXT in the localization files, for example uas.properties. Please refer to the Login user interface customization - SSO.

Code Block
languagetext
titleCustomizing and localizing message text
SMS_TEXT = Your one time password is {0}

By default, SSO formats the one-time password in four number sequences. In case you want to omit this kind of formatting, you can define the message key {1} instead of the standard {0}. The message key {1} always holds a plain version of the one-time password.

Code Block
languagetext
titleCustomizing and localizing message text
SMS_TEXT = Your one time password is {1}

Configure remaining UI text and to match system, branding and language requirements.

8. The method is now installed. Complete the configuration and access control.

After completing these settings, Ubisecure Server is configured to use SMS as an authentication method. 

...