The one-time password (OTP) business logic includes a service that sends and validates non-persistent OTPs. The handling is different for standard (persistent) OTPs, and the required configuration is done via preferences.
|channel||Indicates the channel in channel manager to use to send out the message. This provides a fallback in case channel.email or channel.sms is not set.|
|channel.email||Indicates the channel in channel manager to use to send out the OTP via an e-mail message.|
|channel.sms||Indicates the channel in channel manager to use to send out the OTP via SMS.|
|tokenLength||6||Sets the length of the OTP (token) that is to be generated.|
|otpTypeAuthToken||100||Defines the authorization token for the OTP type in use.|
|tokenTimeToleranceMinutes||2||Sets the time tolerance (+/-), in minutes, when verifying whether the token is valid (timestamp is part of a generated token before hashing).|
|smsTokenTemplate||Defines the name of the template to use when sending out OTP tokens (nonpersisted).|