Goal of this workflow
Let the logged-in user manage the phone numbers used for authentication.
Outline of workflow
- The user must be logged in to use this self-service:
- 1.Open the self-service.
- 2.Add new, edit existing, or delete a phone number.
- 3.When adding or changing a phone number, an OTP code is sent to the new number in order to verify it.
Preparation
- To use this workflow, the following pre-conditions must be met:
- 1.The user can be (strongly) authenticated.
- 2.The user has the access right to use the self-service.
- 3.The mTAN management self-service is enabled in the configuration.
Example screen workflow
The following sample screenshots have been taken in the JSP-Loginapp but are similar in the Loginapp REST API.
- 1.After login, open the mTAN management self-service:
- ●Loginapp REST UI: <loginapp-path>/ui/app/protected/tokens/mtan
- ●JSP-Loginapp: /<loginapp-path>/mtan-number-management
- 2.Choose an action (add, delete, edit) - this screen flow shows the edit path
- 3.Enter a phone number and optionally a label:
- 4.Confirm the new phone number by entering OTP received on new mobile phone number:
Further information and links:
- ●Configuration in the Loginapp REST UI:
- ●In Loginapp >> Protected Self-Services: configure mTAN Number List.
- ●In Loginapp >> Protected Self-Services >> Protected Self-Service Flows: add flows for the required management operations (e.g. Default mTAN Token Registration Flow, Default mTAN Token Edit Flow, Default mTAN Deletion Flow or custom flows).
- ●Configure the necessary UI settings in Loginapp >> UI Settings.
- ●Configuration in the JSP-Loginapp: 17.4.2.6. mTAN/SMS self-service configuration in the JSP-Loginapp