In theauthentication method, a user receives a call with a PIN request, after which the user must specify the PIN on his or her phone.
The following workflow describes the Voice authentication method in Advanced Authentication:
A user tries to authenticate with the Voice method.
The user receives a call on the phone with a PIN request.
User must specify the PIN that has been enrolled in the Self-Service portal during the enrollment.
After the user specifies the PIN followed by a hash (#) symbol, user is authenticated with the Voice method.
IMPORTANT:Phone number with extensions are supported for this method.
x are used to indicate wait time and can be used as separators between phone number and extension.
For example, if +123456789 is the phone number and 123 is the extension, then it can be specified as +123456789,,,,123.
In the above example,
, is specified 4 times and this multiplied by 0.5 (default value in Twilio) indicates the wait time, which is 2 (4*0.5) seconds. First, call is sent to the number 123456789 and after a wait period of 2 seconds, the extension 123 is dialed.
To configure the Voice method, specify the following details:
: The length of the PIN must be at least three characters long.
: The validity period of a PIN. The default value is 42 days. If you set the age to 0, the PIN will not expire.
mobile, homePhone, ipPhone, and other attributes of a repository. You must define the attribute in: The cell phone number of a user that is used to call the user for voice authentication. You can use custom attributes such as
NOTE:If you do not configure the attribute in the method settings, then the first attribute defined in the mobile as the first attribute in and do not configure the attribute in method settings of , then while authenticating, the first attribute, which is the mobile attribute, is used for the method authentication.
: Option that allows to prevent users from providing a phone number that is not registered in the LDAP repository. The option is set to by default. Set to to prevent users to specify a different phone number during the enrollment.
: Option to configure settings for the user to enroll the Voice authenticator without a phone number in the repository.
Set this option toto ensure that a user does not enroll the Voice authenticator without a phone. The user gets an error message that you can specify in .
Set this option toto allow the user to enroll the Voice authenticator without a phone.
: Option that allows a user to authenticate using a chain where Voice authenticator is the first authentication method.
The option is set toby default. Set this option to to prevent user from authenticating using a chain where Voice authenticator is the first authentication method.
If the option is set to The method cannot be first in the login chain message and the user cannot authenticate., and a user tries to authenticate using a chain where the Voice method is the first authentication method, the user is displayed a
IMPORTANT:Advanced Authentication does not notify a user about the expiry of a PIN.