Mobile authentication fallback simplified¶

Fallback from one mobile authentication method to another mobile authentication method (for example from push to SMS) during mobile authentication initialization by the portal has been simplified. This change resulted in mobile authentication configuration differences in the Admin console.

Change description¶

Before it was possible to fallback to any of the configured mobile authentication types in case originally requested mobile authentication type could not be initialized. Currently it is possible to fallback to SMS or push with pin in such scenario.
Before, each fallback authentication property had its own configuration. To simplify configuring a fallback, the same configuration will be used for the originally requested mobile authentication type and the fallback type.

Changes described above resulted in reset of the previous fallback configuration.

Upgrade instructions¶

The mobile authentication fallback configuration has been reset. If you were using mobile authentication fallback previously you must enable it again on the mobile authentication type form.

If you don't remember which of your configurations were using fallback, you can perform the following steps in order to identify and update them:

1. Database operations¶

Go to auth_properties table and search for all rows where fallback_properties_id is set.
Investigate types of auth properties referenced by fallback_properties_id column.

2. Admin console operations¶

Make sure the Token Server is started.
Go to the Configuration-> Mobile authentication -> Mobile authentication types page.

Note: Mobile authentication must be enabled on Configuration-> System -> Features page.

For all mobile authentication types using fallback, that you investigated in the database, perform the following update:
if mobile authentication type had SMS fallback -> check Fallback to SMS option
if mobile authentication type had PUSH_WITH_PIN fallback -> check Fallback to push with pin option