11.6 Registering Users with Challenge Factors in OAA
OAA provides REST APIs for registering users with specific challenge factors.
Use the <OAAService>/preferences/v1
REST API to register the necessary challenge factors for users.
For details about finding the <OAAService>
URL and authenticating, see OAA Runtime API.
For details about the Preferences REST Endpoint, see REST API for OAA Runtime. These factors can be further managed by users in the Self-Service Portal. For more information, see Managing Factors in the Self-Service Portal.
Example 1: Sample Request to Register User with Oracle Mobile Authenticator (OMA)
The following sample request shows how to register a user testuser1
with groupID UserGroup1
with OMA:
curl --location -g --request POST '<OAAService>/preferences/v1' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \
--data '{
"userId": "testUser1",
"groupId": "UserGroup1",
"factorsRegistered": [
{
"factorAttributes": [
{
"factorAttributeValue": [
{
"value": "omasecretvalue1",
"name": "Device1",
"isEnabled": true
}
],
"factorAttributeName": "omatotpsecretkey"
}
],
"factorKey": "ChallengeOMATOTP",
"isPreferred": false,
"isValidated": true
}
]
}'
Note:
Thevalue
for factorAttribueValue
supports
alphanumerics only.
Example 2: Sample Request to Register User with Email
The following sample request shows how to register a user testuser1
with groupID UserGroup1
with Email:
curl --location -g --request POST '<OAAService>/preferences/v1' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \
--data '{
"userId": "testUser1",
"groupId": "UserGroup1",
"factorsRegistered": [
{
"factorAttributes": [
{
"factorAttributeValue": [
{
"value": "test.user@example.com",
"name": "Device1",
"isEnabled": true
}
],
"factorAttributeName": "email"
}
],
"factorKey": "ChallengeEmail",
"isPreferred": false,
"isValidated": true
},
Note:
The parameterisValidated
is true
by default. If using factor
verification as per Configuring Factor Verification, if isValidated
is true
then the user will
be registered as verified, whereas if the value is set to false
, the user
will be registered as unverified.