Access Manager supports multi-factor authentication for the Authorization Code flow and Implicit flow. Access Manager 5.0 onwards, you can also invoke multi-factor authentication for Resource owner credential flow. This authentication flow is applicable only for Plug-in-based Advanced Authentication (Smartphone and Voice Call) methods.
Perform the following steps to configure multi-factor authentication for Resource Owner Credentials Grant:
Create an authentication class. See Creating Authentication Classes.
NOTE:Only Smartphone and Voice Call classes are supported.
NOTE:While creating the method, you can use the MAXRETRY and RETRYTIMEOUT properties to configure authentication timeout. For more information, see Optional Properties (KEY/Value) for Authentication Methods.
Navigate to> > > > .
Under Name/Password contract and the contract you created in Step 2., assign the
(Client application developer) In the client application token request, send the contract URI in the acr_values parameter.
This scenario is useful when you want to restrict the contract for specific client applications.
For more information about Resource owner credentials authentication contract, see Defining Global Settings.