SMS authentication method - SSO

Ubisecure SMS overview

This page and the page under, Installing SMS authentication method - SSO, describe the requirements and tasks for installing and configuring the SMS authentication method in an Ubisecure SSO Server system. 
The result of the installation described is a working SMS authentication method in Ubisecure Server. You should first refer to the page Installation - SSO for instructions on installing Ubisecure SSO.

Ubisecure SMS is a one-time password over SMS authentication method for Ubisecure SSO Server. There are two ways to login using SMS, using username and password, or unregistered.

Username and password

When a user attempts to access a resource protected by Ubisecure:

  1. The user enters a username and password and presses next
  2. An SMS message is sent to the user's mobile phone containing an eight digit one-time password
  3. The user enters the one-time-password and presses next
  4. Authorization is performed according to the configuration of the Ubisecure SSO Server and the user is redirected to the target application and granted access if permitted

The user's telephone number is retrieved from the user account stored in the local Ubisecure Directory or in an external directory (AD, LDAP or SQL).

Unregistered

When a user attempts to access a resource protected by Ubisecure:

  1. The user enters a phone number
  2. An SMS message is sent to the user's mobile phone containing an eight digit one-time password
  3. The user enters the one-time-password and presses next
  4. Authorization is performed according to the configuration of the Ubisecure SSO Server and the user is redirected to the target application and granted access if permitted

Unregistered method can also be used in OAuth2 smt-mt-otp grant . 

Related Pages

For installations using Active Directory

Integration with using Ubisecure SMS, please refer also the following guides for specific installation instructions.

Installation

See Installing SMS authentication method - SSO.