4.13.4 OTP Based Login

"A One-Time Password (OTP) is a unique, temporary code that a user receives via SMS/email to authenticate a login or transaction. Unlike traditional static passwords, which remain the same until changed, an OTP is valid for a single session or transaction."

Follow the below steps to set up the OTP Based Registration

1. Click on Authentication in the sidebar.

   

   Fig. 4.12.4.a: Navingating to Authentication section

2. Click on the kebab menu (three dots) on the right side of the browser flow. Select Duplicate. A popup will appear.

   

   Fig 4.12.4.b: Duplicating the existing browser flow

3. Provide a Name for the flow, "OTP Based Login Flow" and click Duplicate. You will be redirected to the new flow configuration.

   

   Fig 4.12.4.c: Giving a name to the new browser flow for OTP login

4. Delete everything under OTP Based Login Flow forms.

   

   Fig 4.12.4.d: Duplicated browser flow configuration page for OTP login

5. Click on the plus icon on the right side of the OTP Based Login Flow forms and select Add Execution. A popup will appear to select an execution.

   

   Fig 4.12.4.e: Proceeding to add a new execution to OTP login flow

6. Search for Email OTP, select it and click Add.

   

   Fig 4.12.4.f: Select 'Email OTP' execution to add

7. Click on the settings menu (gear icon) on the right side of the Email OTP. A popup will appear to configure the OTP.

   

   Fig 4.12.4.g: Proceeding to configure OTP login

8. Provide an Alias, set the OTP type, Number of digits in OTP, OTP Code period(in seconds) and Max Resend OTP Attempts, then click Save.

   

   Fig 4.12.4.h: Configuring OTP login

9. Click on the Actions, on the top right of the page, and then Bind flow. A popup will appear.

   

   Fig 4.12.4.i: Changing the 'Requirement' of OTP login

10. Select the Browser flow and click Save.

    

    Fig 4.12.4.j: Selecting a flow to bind OTP login to

OTP Based Login Flow will now be enabled.