Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

It is possible to verify that a user has access to read sms messages sent to a phone number.

Applications can use the Ubisecure SSO infrastructure for sending the SMS message and verifying the code entered by the user.

To do this, an Ubisecure specific OAuth grant type is used.

Step-by-step guide

To configure a system to support phone number verification:

  1. Configure a new method called of the type Unregistered SMS. In these screenshots, the name of the method is ubikey.sms.X
  2. Enable the method ubikey.sms.X on a site
  3. Create a group called Unregistered SMS Users, assign membership based on the ubikey.sms.X method just created.
  4. Create an agent of type OAuth in that site
  5. Activate the agent using the following metadata

    Metadata for phone number verification by SMS
    {"grant_types":["http://globalsign.com/iam/sso/oauth2/grant-type/sms-mt-otp"]}
  6. Open the Allowed To tab and Add the group Unregistered SMS Users.
  7. An authorization policy is not required. If used, attributes sent in the Authorization policy will appear in the id_token received in the verification response.

To send a verification code to a user:

  1. Create a POST

    Metadata for phone number verification by SMS
    {"grant_types":["http://globalsign.com/iam/sso/oauth2/grant-type/sms-mt-otp"]}

    An example using the HttpRequester browser extension is shown here:


 

To verify a code collected from the user:

  1. Create a POST request

    Metadata for phone number verification by SMS
    grant_type=http://globalsign.com/iam/sso/oauth2/grant-type/sms-mt-otp&scope=openid&client_id=c495bb59-f0ae-430a-9830-ca8228aa58fe&client_secret=CVgXCVQaLeRcd0AQ604sUuAL0NCBDX77&x_globalsign_iam_reference_id=.eyJzdWIiOiIzNTg0MDQxMzQyNTIiLCJpYXQiOjE0OTk0MjY3NjY3MjUsImN0bXMiOjE0Njc0MjY1MTM3ODgyMDQsIm1hYyI6IkFaUzU2ckhPQjV6d2RfVWJWenhjOUgtX2VQejJiSFJNT0dXY0hTV1hWdzhFUTRST1locWdiQVNkZ3huSGVhLWk3QnhNZmc9PSJ9.S1f4VSae-QO0jfFcekPHUGTvqBgYc2yFsHbj3UVhFpk&x_globalsign_iam_otp_code=32768341

    An example using the HttpRequester browser extension is shown here:

  2. The response will contain

    Response
     

 

 




  • No labels