36.2 Using the Oracle Mobile Authenticator App on iOS

The following sections contain procedures for using OMA on an iOS mobile device.

• Configuring the Oracle Mobile Authenticator for iOS

• Initializing the Oracle Mobile Authenticator on iOS

• Copying a One-Time Password from the Oracle Mobile Authenticator on iOS

• Editing an Account on the Oracle Mobile Authenticator on iOS

• Deleting an Account on the Oracle Mobile Authenticator on iOS

• Responding to Access Request (Push) Notifications on iOS

• Displaying Access Request (Push) Notifications History on iOS

• Displaying Service Account Details on iOS

• Displaying Access Manager Registered Accounts on iOS

• Displaying the OMA Version on iOS

36.2.1 Configuring the Oracle Mobile Authenticator for iOS

You can configure the OMA on iOS to communicate with Access Manager. A configuration URL is provided by the Access Manager administrator either by e-mail or through a web page.

Details about the URL are in Understanding Oracle Mobile Authenticator Configuration.

1. Tap the configuration URL provided by the Access Manager administrator.

   The app will open, display a unique service name to identify this app configuration, and prompt the user to accept the new settings.

2. Tap Accept to apply the settings.

   The OMA is configured to communicate with Access Manager.

36.2.2 Initializing the Oracle Mobile Authenticator on iOS

The OMA must authenticate and register an account with Access Manager.

Be sure to complete Configuring the Oracle Mobile Authenticator for iOS before attempting these procedures. Any of the following procedures can be used to initialize the OMA.

• Initializing the Oracle Mobile Authenticator for OTP Generation on iOS

• Adding a OTP Generation Account Manually on iOS

• Initializing Oracle Mobile Authenticator for Access Request (Push) Notifications Using Apple Push Notifications

• Initializing Oracle Mobile Authenticator for Access Request (Push) Notifications and OTP Generation on iOS

• Configuring Oracle Mobile Authenticator for Offline OTP Generation on iOS

36.2.2.1 Initializing the Oracle Mobile Authenticator for OTP Generation on iOS

Once authenticated, the app receives a key from the server that will be used to generate the OTP.

1. Tap the Sign In button.

   The login screen will appear.

2. Select the OTP service name for which you are configuring second factor authentication.

   This is the unique service name defined in Configuring the Oracle Mobile Authenticator for iOS.

3. Enter your user name and password and tap Submit.

   If login is successful, you will be taken to the OTP screen for the newly added account. If login is successful but an account with the same user name for the same service already exists, you will be asked to enter a different user name. Once the user name is unique, you will be taken to the OTP screen.

36.2.2.2 Adding a OTP Generation Account Manually on iOS

You can manually configure a OTP account by entering a unique account name and key.

This is the same account that would be created automatically in Initializing the Oracle Mobile Authenticator for OTP Generation on iOS.

1. Tap Enter Provided Key.
2. Enter a unique account name and key.

   If the name and key are valid, you will be taken to OTP screen for your new account. If the name is not unique or the key is not valid, you will be prompted to enter the information again.

36.2.2.3 Initializing Oracle Mobile Authenticator for Access Request (Push) Notifications Using Apple Push Notifications

The OMA must have the user's consent to receive push notifications. It must also register successfully with the Apple Push Notification Servers and get a unique device token. Afterwards, the OMA can register with Access Manager to receive push notifications.

1. Tap the Sign In button.

   The login screen will appear.

2. Select the Push Notification service name for which you are configuring second factor authentication.

   This is the unique service name defined in Configuring the Oracle Mobile Authenticator for iOS.

3. Enter your user name and password and tap Submit.

   If authentication and registration is successful, you will be taken to the Accounts page which will display all the accounts that have been configured for Push Notifications.

36.2.2.4 Initializing Oracle Mobile Authenticator for Access Request (Push) Notifications and OTP Generation on iOS

The OMA must have the user's consent to receive push notifications. It must also register successfully with the Apple Push Notification Servers and get a unique device token. Afterwards, the OMA can register with Access Manager to receive push notifications.

1. Tap the Sign In button.

   The login screen will appear.

2. Select the service name for which you are configuring second factor authentication.

   This is the unique service name defined in Configuring the Oracle Mobile Authenticator for iOS.

3. Enter your user name and password and tap Submit.

   If authentication and registration is successful, you will be taken to the OTP screen for the newly added account. If login is successful but a OTP account with the same user name for the same service already exists, you will be asked to enter a different user name. Once the user name is unique you will be taken to the OTP screen. Note that the newly added account will have small globe icon on the top left corner signifying that this account is also configured for push notifications.

36.2.2.5 Configuring Oracle Mobile Authenticator for Offline OTP Generation on iOS

The OMA can also be configured with a URL that contains the key used for generating a OTP. This allows for OTP generation when the mobile app is offline.

This configuration URL contains the secret key so it should be delivered on a secure channel.

1. Tap on the offline configuration URL.

   This will open the OMA. If there are no OTP accounts configured with the same user name defined by the URL, the account will be added and the user will be taken to the OTP screen. If there are user name conflicts, the user will be prompted to enter a new, unique user name.

2. Enter the displayed OTP in the corresponding login page to complete authentication.

36.2.3 Copying a One-Time Password from the Oracle Mobile Authenticator on iOS

You can copy a OTP from the OMA.

1. Tap on the account from which you want to copy the OTP.

   The Edit, Copy and Delete icons are displayed.

2. Tap the Copy icon on the left to copy the one-time password to the clipboard.
3. Paste the one-time password in the corresponding login page to complete authentication.

36.2.4 Editing an Account on the Oracle Mobile Authenticator on iOS

You can edit an account on the OMA.

1. Tap on the account you want to edit.

   The Edit, Copy and Delete icons are displayed.

2. Tap the Edit icon in the middle to edit an account.

   A new screen in which you can edit the user name and secret key is displayed.

3. Edit the name and/or key.
4. Tap Update Account to complete the modification.

36.2.5 Deleting an Account on the Oracle Mobile Authenticator on iOS

You can delete an account on the OMA.

1. Tap on the account you want to delete.

   The Edit, Copy and Delete icons are displayed.

2. Tap the Delete icon on the right to delete an account.

   You will be prompted for confirmation.

3. Tap Delete to confirm and delete.

36.2.6 Responding to Access Request (Push) Notifications on iOS

The OMA can receive push notifications from Access Manager if the push notification option is selected when configuring two factor authentication.

An administrator can use this procedure to respond to the notifications received on the mobile device.

1. Tap the notification alert on the mobile device.

   The OMA app will come to the foreground and display notification details. This includes a user name, the resource being accessed, access time and IP address. A timer depicting how much time you have to respond to this notification is also displayed.

2. Tap Allow or Deny to control access to the resource.

   OMA will send the resource to Access Manager and remove the notification information screen.

36.2.7 Displaying Access Request (Push) Notifications History on iOS

You can see the notifications which were received by the OMA and the decision taken for that particular access request.

1. Tap on three dots icon in the top left corner.
2. Tap on Notifications button.

   All the notifications that have been received by Oracle Mobile Authenticator will be shown.

3. Tap on any of the notifications to see the details.

36.2.8 Displaying Service Account Details on iOS

You can display the services with which the OMA has been configured.

This corresponds to the unique service name defined in Configuring the Oracle Mobile Authenticator for iOS.

1. Tap the three dots icon in the top left corner.
2. Tap the Configurations button.

   All the services that have been configured using this OMA will be displayed.

3. Tap a specific configuration to display the details.

   A screen will be displayed that will show all the details of the selected configuration. You can swipe from right to left to delete the configuration.

36.2.9 Displaying Access Manager Registered Accounts on iOS

You can see all the accounts that are added to the OMA and check the account type (OTP, notification or a combination of both).

This corresponds to accounts configured using one of the procedures in Initializing the Oracle Mobile Authenticator on iOS.

1. Tap the three dots icon in the top left corner.
2. Tap the Accounts button.

   All the accounts that currently exist in the OMA will be displayed. Swipe from right to left to delete any account.

36.2.10 Displaying the OMA Version on iOS

You can display the version number of the OMA running on your mobile device.

1. Tap the three dots icon in the top left corner.
2. Tap the About button.

   An alert will display the OMA version.