OTPGetMethods mapping rule
OTPGetMethods specifies the methods for delivering the one-time password to the user. This sample mapping rule sets password delivery conditions for the following delivery methods:
- By email
- By SMS
- No delivery
Each delivery method includes the following attributes and their corresponding value:
To customize one-time password delivery, we can do one of the following actions:
- id
- Specifies a unique delivery method ID. This value replaces the @OTP_METHOD_ID@ macro in the OTP Method Selection page. Use a unique value across different methods. For example, sms.
- deliveryType
- Specifies the delivery plug-in that delivers the one-time password. The value must match one of the types in the DeliveryTypesToOTPDeliveryModuleIds parameter of the OTP response file. For example, sms_delivery.
- deliveryAttribute
- Specifies an attribute associated with the delivery type. The value depends on the one-time password provider plug-in for the delivery type. For example:
- For SMS delivery, the value is the mobile number of the user. For example, mobileNumber.
- For email delivery, the value is the email address of the user. For example, emailAddress.
- For no delivery, the value is an empty string.
- label
- Specifies the unique delivery method to the user. For time-based and counter-based one-time password, use this attribute to specify the secret key of the user. If label is not specified, the time-based and counter-based one-time password code retrieves the key by invoking the user information provider plug-in. This parameter replaces the @OTP_METHOD_LABEL@ macro in the OTP Method Selection page.
- otpType
- Specifies the one-time password provider plug-in that generates and verifies the password. The value must match one of the types in the OTPTypesToOTPProviderModuleIds parameter of the OTP response file. For example, mac_otp.
- userInfoType
- Specifies which user information provider plug-in to use to retrieve user information that is required to calculate the one-time password. This parameter is only required if user information is used for calculation of the one-time password.
- Create your own mapping rules that are based on the sample OTPGetMethods mapping rule.
- Modify the sample OTPGetMethods mapping rule.
You can also customize the mapping rule to use access control context data. For details see, Customizing one-time password mapping rules to use access control context data.
Parent topic: Managing mapping rules