OTP Configuration
OTP configuration is separated for the following cases:
-
user self registration →
ConfirmationCodeCategory.USER_REGISTRATION
-
login, change_login, password →
ConfirmationCodeCategory.USER_AUTHENTICATION;
-
OTP confirmation for sensitive operations if enabled: ->
ConfirmationCodeCategory.OPERATION
For testing purposes, OTP can be configured as static using the following parameters (instead 1111 any status value can be used):
confirmation-code:
static-otp:
enabled: true
code: 1111
Overall configuration settings for OTP:
users:
registration:
confirmation-code:
static-otp:
enabled: ${USER_REGISTRATION_STATIC_OTP_ENABLED:false}
code: ${USER_REGISTRATION_STATIC_OTP_CODE:1111}
length: 6
ttl: 86400
resend-delay: 60
maxAttempts: 3
authentication:
confirmation-code:
static-otp:
enabled: ${USER_REGISTRATION_STATIC_OTP_ENABLED:false}
code: ${USER_REGISTRATION_STATIC_OTP_CODE:1111}
length: 6
ttl: 86400
resend-delay: 60
maxAttempts: 3
confirmation:
code:
static-otp:
enabled: ${CONFIRMATION_STATIC_OTP_ENABLED:false}
code: ${CONFIRMATION_STATIC_OTP_CODE:1111}
length: 6
ttl: 86400
resend-delay: 60
maxAttempts: 3
Sending provider configuration
If static OTP is disabled, it is necessary to configure the sending provider. Otherwise, an OTP will be generated but not sent.
The system supports Amazon SNS or Twilio out of the box for this purpose.
The setup process consists of two parts:
-
SMS provider type setup
-
provider configuration setup
SMS provider type setup
notifications:
sms:
enabled: false
message: 'The notification via sms is disabled. For more information, please contact your administrator.'
sender: 'SDKFinance'
provider: 'amazonSmsSender' # possible options: logSmsSender, amazonSmsSender, twilioSmsSender
Provider configuration setup
To configure Amazon SNS, specify the following parameters:
notifications:
sms:
amazon-sns:
region: 'eu-west-1'
accessKeyId: 'YOUR_ACCESS_KEY_ID'
secretKey: 'YOUR_SECRET_ACCESS_KEY'
smsMaxPrice: 1.00000
To configure Twillio, specify the following parameters:
notifications:
sms:
twilio-integration:
from_phone_number: '...'
account_cid: '...'
auth_token: '...'
region: '' # optional
edge: '' # optional