Configuring Mobile Authenticator Challenge in the Oracle Advanced Authentication Self-Service Portal.
Introduction
This tutorial shows you how to use the Self-Service Portal to configure the TOTP (Time-based One Time Password) challenge for use with a Mobile Authenticator and Oracle Advanced Authentication (OAA).
For the purposes of this tutorial Oracle Mobile Authenticator (OMA) is used as the Mobile Authenticator. Google Authenticator or Microsoft Authenticator can also be used.
Objectives
In this tutorial you will perform the following tasks:
- Configure the Mobile Authenticator challenge factor in the Self-Service Portal.
Prerequisites
Before starting this tutorial ensure you have met these requirements:
-
An Oracle Advanced Authentication deployment is available with Factor Verification enabled. See, Configuring Factor Verification.
-
An Authenticator is installed on your mobile device. You can download the Mobile Authenticator of your choice for Android, iOS, and Microsoft, from the Google Play Store, Apple App Store, and Microsoft store respectively.
-
You have access to the Self-Service Portal and can login with your user credentials.
Note: You can still follow this tutorial if factor verification is disabled, but you will not be able to verify if the factor is working.
Configure Mobile Authenticator Challenge
-
Access the Self-Service Portal. For example,
https://oaa.example.com/oaa/rui. -
Enter your user credentials. For example,
testuser/<password>. -
In the left navigation menu, select My Authenticators.
-
Select Add Authentication Factor, and from the drop down menu select Oracle Mobile Authenticator:
Note: Oracle Mobile Authenticator is to be selected if using Google Authenticator or Microsoft Authenticator.
-
In the Setup Mobile Authenticator screen, enter a value in the Friendly Name field:
A Key and a QR code is displayed:
Description of the illustration configure_authenticator.jpg
Note: Administrators - The Key and QR code are both displayed as the OAA configuration properties
bharosa.uio.default.challenge.type.enum.ChallengeOMATOTP.registration.showQrcodeandbharosa.uio.default.challenge.type.enum.ChallengeOMATOTP.registration.showSecretKeyTextare set totrueby default. To prevent either the Key or the QR code from being displayed, set the relevant parameter tofalse. For further details on how to set configuration properties, see Configuration Properties for OAA. -
On your mobile device start the Mobile Authenticator and add an Account. Either scan the QR code or enter the key manually:
QR code example:
Description of the illustration qrcode.jpg
Key example:
Description of the illustration key.jpg
The new account will be displayed in the Authenticator application:
-
In the Setup Mobile Authenticator screen in the Self-Service Portal, click Verify Now:
Note: If factor verification is not enabled, Verify Now and Verify Later will not show. Instead, click Save.
-
Enter the verification code displayed in the Mobile Authenticator application into the Verification Code field. Click Verify and Save:
-
If the verification is successful, the Self-Service Portal will show the factor has been added:
Learn More
- To learn how to use factors with Windows device authentication and Oracle Universal Authenticator, see Configuring Device Authentication on Windows Using Oracle Access Management and Multi-Factor Authentication.
- To learn how to use factors when accessing an OAM protected application with MFA, see Integrate Oracle Access Management with Oracle Advanced Authentication.
Feedback
To provide feedback on this tutorial, please contact idm_user_assistance_ww_grp@oracle.com
Acknowledgements
- Author - Russ Hodgson
More Learning Resources
Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.
For product documentation, visit Oracle Help Center.
Configuring Mobile Authenticator Challenge in the Oracle Advanced Authentication Self-Service Portal
F81242-03
May 2024