Previous Topic: ArcotID OTP FlowsNext Topic: ArcotID OTP Roaming Flow

CA CloudMinder Advanced AuthenticationHow Advanced Authentication WorksEnd User Authentication FlowsArcotID OTP FlowsArcotID OTP Only Flow

ArcotID OTP Only Flow

The ArcotID OTP Only flow defines the steps that must be performed to authenticate end users with the ArcotID OTP credential only. At runtime, this flow takes effect only if the ArcotID OTP credential is enabled.

This section assumes that the end user has installed the ArcotID OTP application and that the ArcotID OTP credential is provisioned to the end user's device.

End users are authenticated as follows:

  1. When trying to access a protected resource in a browser, the end user is prompted for their user name and OTP.
  2. The end user opens the ArcotID OTP application installed on their desktop or mobile device.
  3. The end user authenticates to the ArcotID OTP application using their PIN and generates an OTP.
  4. The end user then returns to the login page in the browser, enters the user name and OTP, and clicks Submit.
  5. The Advanced Authentication service verifies the details provided and authenticates the user.
  6. If authentication is successful, the end user is granted access to the resource.

The roaming authentication flow, where the end user's device does not have the ArcotID OTP credential, is described in ArcotID OTP Roaming Flow.