...
The OpenID Connect specification does not specify the possible string values included in the amr value. RFC-8176 establishes a number of suggested values. onePortal supports a subset of those suggestions.
Value | Description |
|---|---|
mfa | Multiple factor authentication. Returned if "pwd" and one other method was used to sign-in. |
otp | One-time password (TOTP or HOTP) was used. |
pwd | User entered password to sign-in. |
sms | User entered a code they received via a SMS (text message) sent to user's registered mobile number. |
ID token after password-only authentication
| Code Block | ||
|---|---|---|
| ||
{ "id_token": |
...
{ "amr": |
...
[ "pwd" |
...
], |
...
"at_hash": "UIejIhBKSrth201ZTTZrxA", |
...
"aud": |
...
[ "6324127051294819" |
...
], |
...
"auth_time": 1535616780, |
...
"azp": "6324127051294819", |
...
"exp": 1536221581, |
...
"iat": 1535616781, |
...
"iss": "https://devel3.t5.fi", |
...
"nonce": "9AzzrW8L5KOohBrk", |
...
"sub": "58cfb7353874e103fc81ec5f" |
...
} } |
...
ID token after authenticating with password and OTP
| Code Block | ||
|---|---|---|
| ||
{ "id_token": |
...
{ "amr": |
...
[ "mfa", |
...
"otp", |
...
"pwd" |
...
], |
...
"at_hash": "RD3a9rZ6FuuGeEksQSR44g", |
...
"aud": |
...
[ "6324127051294819" |
...
], |
...
"auth_time": 1535618565, |
...
"azp": "6324127051294819", |
...
"exp": 1536223366, |
...
"iat": 1535618566, |
...
"iss": "https://devel3.t5.fi", |
...
"nonce": "DxZs70N05vJrKiLo", |
...
"sub": "5a325c543874e16a85710c5e" |
...
} } |
...