OneTouch

From Swivel Knowledgebase
Jump to: navigation, search


Overview

OneTouch authentication allows a mobile device to be prompted by the Swivel server to let the user authenticate by:

  • Pressing a confirm button on the mobile device screen, via a Swivel mobile application.
  • Pressing # or other defined characters on phone keypad

There are two methods of authentication with OneTouch, a user can be configured to authenticate by Mobile Client or Voice but not both.

OneTouch Mobile using the Swivel Mobile Phone Client

OneTouch Voice

For other forms of authentication see: Transports How To Guide


OneTouch Videos

Swivel OneTouch Voice & Juniper

Swivel OneTouch Mobile & Juniper


Integrations

Juniper_OneTouch

VPN_OneTouch_Integration

Technical explanation

1) User goes to authenticate, enters their username and password.

2) The login page requests a push message (or telephone call) to be sent to the user, the login page receives a unique session id as the response.

3) The user receives the message/call and responds via a single keypress on the mobile phone client or via the telephone keypad to validate the authentication

4) The login page detects that the user has responded and the login form is submitted with the session ID

5) The core platform cross references the session id with the user’s response to allow the authentication


OneTouch login screen

OneTouch Mobile Client Authentication.png


For configuration of the OneTouch please see the relevant links above.

VPN explanation

The VPN mode works slightly differently

1) The user goes to the VPN Login page

2) The modified VPN page detects that the user has not instigated a push message or call and redirects the user to a OneTouch Login Page

3) The user supplies and requests a push message, the login form stores the SessionID in the password field

4) When the OneTouch form detects that the user has responded to the push, it redirects the user back to the VPN login page passing the username and sesionid as parameters

5) The login page populates the login page form with the username and session id and submits the form

6) The VPN submits the username and session id via RADIUS to the Swivel Core for verification.

7) User gains access

Refer to VPN_OneTouch_Integrationfor sample implementation