OneTouch authentication allows a mobile device to be prompted by the Swivel server to let the user authenticate by:
- Pressing a confirm button on the mobile device screen, via a Swivel mobile application.
- Pressing # or other defined characters on phone keypad
There are two methods of authentication with OneTouch, a user can be configured to authenticate by Mobile Client or Voice but not both.
For other forms of authentication see: Transports How To Guide
1) User goes to authenticate, enters their username and password.
2) The login page requests a push message (or telephone call) to be sent to the user, the login page receives a unique session id as the response.
3) The user receives the message/call and responds via a single keypress on the mobile phone client or via the telephone keypad to validate the authentication
4) The login page detects that the user has responded and the login form is submitted with the session ID
5) The core platform cross references the session id with the user’s response to allow the authentication
OneTouch login screen
For configuration of the OneTouch please see the relevant links above.
The VPN mode works slightly differently
1) The user goes to the VPN Login page
2) The modified VPN page detects that the user has not instigated a push message or call and redirects the user to a OneTouch Login Page
3) The user supplies and requests a push message, the login form stores the SessionID in the password field
4) When the OneTouch form detects that the user has responded to the push, it redirects the user back to the VPN login page passing the username and sesionid as parameters
5) The login page populates the login page form with the username and session id and submits the form
6) The VPN submits the username and session id via RADIUS to the Swivel Core for verification.
7) User gains access
Refer to VPN_OneTouch_Integrationfor sample implementation