Default Mapping Rules

There are several out of the box mapping rules available as examples of typical branching policy flows.

Generic Rule and Template

The Generic rule only extracts the branch names from the policy and provides those names to the template page to display to the end user. The end user then picks a branch based only on the name.

For example, a policy with two branches called “Forgotten Username” and “Forgotten Password”. The user will have displayed a template page with those two names as individual options.

Second Factor Rule and Template

The Second Factor rule fetches a user’s enrollment status and displays the top 3 second factor options to the end user. The template displays relevant information for each second factor mechanism. For example, device name for MMFA Authenticator. The user must be authenticated to use this mapping rule and template.

MMFA and TOTP Fallback

The MMFA with TOTP Fallback defaults are a subset of the Second Factor rule and template page. The rule is simpler but also demonstrates the server automatically choosing an option for the user, but allows them to return and choose a fallback method.

Username-less Login

The Username-less Login rule does not require a user to be logged in, and automatically displays the QR Code for login, but also offer the user to choose to do a FIDO2 username-less login instead.

Parent topic: Branching Authentication Policy