OTPGetMethods mapping rule (AAC)

OTPGetMethods mapping rule (AAC)

OTPGetMethods specifies the methods for delivering the one-time password to the user. This sample mapping rule sets password delivery conditions for the following delivery methods:

By email
By SMS
No delivery

Each delivery method includes the following attributes and their corresponding value:

id

Specifies a unique delivery method ID. This value replaces the @OTP_METHOD_ID@ macro in the OTP Method Selection page. Use a unique value across different methods. For example, sms.

deliveryType

Specifies the delivery plug-in that delivers the one-time password. The value must match one of the types in the DeliveryTypesToOTPDeliveryModuleIds parameter of the OTP response file. For example, sms_delivery.

deliveryAttribute

Specifies an attribute associated with the delivery type. The value depends on the one-time password provider plug-in for the delivery type. For example:

For SMS delivery, the value is the mobile number of the user. For example, mobileNumber.
For email delivery, the value is the email address of the user. For example, emailAddress.
For no delivery, the value is an empty string.

label

Specifies the unique delivery method to the user. For time-based and counter-based one-time password, use this attribute to specify the secret key of the user. If label is not specified, the time-based and counter-based one-time password code retrieves the key by invoking the user information provider plug-in. This parameter replaces the @OTP_METHOD_LABEL@ macro in the OTP Method Selection page.

otpType

Specifies the one-time password provider plug-in that generates and verifies the password. The value must match one of the types in the OTPTypesToOTPProviderModuleIds parameter of the OTP response file. For example, mac_otp.

userInfoType

Specifies which user information provider plug-in to use to retrieve user information that is required to calculate the one-time password. This parameter is only required if user information is used for calculation of the one-time password.

To customize one-time password delivery, we can do one of the following actions:

Create your own mapping rules that are based on the sample OTPGetMethods mapping rule.
Modify the sample OTPGetMethods mapping rule.

You can also customize the mapping rule to use access control context data. For details see, Customizing one-time password mapping rules to use access control context data.
Parent topic: Managing mapping rules