Administrator

One-Time Password Generation

The one-time password (OTP) business logic includes a service that sends and validates non-persistent OTPs. The handling is different for standard (persistent) OTPs, and the required configuration is done via preferences.

  • Preferences node: /businesslayer/com/sybase365/mobiliser/money/businesslogic/customer/configuration/CustomerOtpConfiguration
  • ConfigAdmin PID: com.sybase365.mobiliser.money.businesslogic.customer.configuration.CustomerOtpConfiguration
You can set these configuration options:
Key Default Description
channel   Indicates the channel in channel manager to use to send out the message. This provides a fallback in case channel.email or channel.sms is not set.
channel.email   Indicates the channel in channel manager to use to send out the OTP via an e-mail message.
channel.sms   Indicates the channel in channel manager to use to send out the OTP via SMS.
tokenLength 6 Sets the length of the OTP (token) that is to be generated.
otpTypeAuthToken 100 Defines the authorization token for the OTP type in use.
tokenTimeToleranceMinutes 2 Sets the time tolerance (+/-), in minutes, when verifying whether the token is valid (timestamp is part of a generated token before hashing).
smsTokenTemplate   Defines the name of the template to use when sending out OTP tokens (nonpersisted).