In the Flex OTP authentication method, users can authenticate using the one-time password (OTP) that they receive from the following enrolled methods:
HOTP
TOTP
Smartphone(Offline)
To configure this method, add Flex OTP method to the authentication chain.
NOTE:Advance Authentication validates the specified OTP in the order: HOTP - TOTP - Smartphone OTP.
For example, if the HOTP and TOTP did not match, the AA Server will count it as an authentication failure for both the methods. If nothing from the methods (HOTP, TOTP, Smartphone OTP) matched, it will be counted as three unsuccessful authentications. So if you use the Lockout Options policy, please ensure you don't need to increase the Attempts failed value to avoid sudden lockout. For more information about the lockout settings policy, see Lockout Options.