About Mobile login
- When the Onegini IdP is configured to work with the Onegini Token Server, it is possible to use the Mobile Authentication functionality of the Onegini Token Server.
- When end-users use their mobile device in combination with and additional authentication method such as a PIN or Fingerprint, this is called Mobile Login.
Below you can see the flow diagram for mobile login:
Ensure the following prerequisites:
- the Onegini IdP must be running,
- access to the Onegini IdP,
- you have previously configured Mobile Login.
How do I configure Mobile Login?
- Mobile Login requires access to the Onegini Token Server API. Please refer to the Onegini Token Server configuration.
- Set the time limit for using mobile login via the
Authorization Token Expiration Time Property.
- To enable the settings for Mobile Login, go the -> Click
- Fill in the following fields:
|Mobile Login enabled||Enables/disables mobile login.|
||If enabled, the end-user will see a checkbox on the login page where he can decide whether or not they want to use the mobile login feature from their current device.|
|Authentication level||You can give the mobile login feature a specific authentication level or use the authentication level of the previous authenticator that the end-user used before logging in with mobile login.|
|Authentication type||Mobile login authentication type (the
|Allowed login attempts||Allowed number of failing / invalid login attempts occurring one after another with the Mobile login functionality.|
You can configure a message that the end-user will see on his mobile device when a mobile authentication request is sent:
- Add a custom message for the key
personal.mobile.notification.login. In case this key is not set in any message source, then the message value is taken directly from the field
Login Messagein the
How does the user use Mobile Login?
Users will be able to login with their mobile device when they:
- have coupled the account with the mobile app (that is using the Onegini Mobile SDK),
- have enabled Mobile Authentication with Push within the mobile app,
- have successfully logged in to the Onegini IdP at least once, after all other prerequisites have been met.