Configuring Token-Based RFI

Token-based RFI enables banks to share RFI links with users without needing an OFSAA user ID. Token-enabled RFI allows users to access questionnaires anywhere, anytime.

When an RFI is sent to an individual, they will receive a token-based link to access the RFI Questionnaire. On clicking the token-based Questionnaire link, the user is prompted to enter the unique captcha that is shared via email. Without a valid captcha access to the link will be prevented.

To configure token-based RFI, follow these steps:

Navigate to the CONFIGURATION table in the Config schema.
Update the RFI_TOKEN_VALIDITY parameter to provide the amount of time the RFI Token should remain valid. The value for this parameter must be provided in minutes. The default value is 60.
Configure the Captcha Email which respondents will receive by updating the following parameters:
- QTNR_CAPTCHA_SENDER_MAIL_ID: Configure the RFI Captcha Sender Mail ID. For example: rfi@oracle.com
- QTNR_CAPTCHA_MAIL_SUBJECT: Configure the RFI Captcha Mail Subject line. For example, RFI Unique Code.
- QTNR_CAPTCHA_MAIL_BODY_TXT: Configure the RFI Captcha Mail Body text. For example: Please Enter this code to view the RFI page.
- QTNR_CAPTCHA_MAIL_BODY_SENDER_NAME: Configure the RFI Captcha Sender Name, such as Administrator.
Service Authentication is done through the service account in the Token Enabled RFI screen. Configure the service account by updating the OFSAA_SRVC_ACC parameter. The default value is SYSADMN.

Note:

Oracle recommends creating a "SMS Auth Only" user from the User Maintenance window for the service account rather than using SYSADMN.

Note:
For Weblogic and Websphere environments, the configurations found in the OFSAAI Administration Guide must be completed for REST Services Authorization for the respective server. Refer to Section: 12.10.1 Configuring WebLogic for REST Services Authorization and Section: 12.11.1 Configuring WebSphere for REST Services Authorization.