Second Step Authentication

In the authentication second step, choose a required authentication type from the drop-down list and click ADD.

Note: You can add multiple authentication types in the second step. Also, if you want to remove the already added authentication types, then click REMOVE.

The authentication journey creation with each individual authentication type is mentioned below.

Creating Authentication Journey with Static Password

To create an authentication journey with static password, follow the below steps:

Choose an authentication type Static Password from the drop-down list and click ADD.
Enter the below details and click SAVE to add the authentication journey to the authentication journey list.

Important: Enable the 'Forgot password' and 'Change password' toggle buttons as shown below to allow users to reset and/or change their password on the IdP login screen. If these options are not enabled here, they will not appear on the IdP login screen.

Note: For details of these below shown fields, refer Fields used in the Authentication Journey.

Creating Authentication Journey with Push Authentication

To create an authentication journey with push authentication, follow the below steps:

Choose an authentication type Push from the drop-down list and click ADD.
Enter the below details and click SAVE to add the authentication journey to the authentication journey list.

Note: For details of these below shown fields, refer Fields used in the Authentication Journey.

Creating Authentication Journey with One-Time Password

To create an authentication journey with one-time password, follow the below steps:

Choose an authentication type One-Time Password from the drop-down list and click ADD.
Enter the below details and click SAVE to add the authentication journey to the authentication journey list.

Note: For details of these below shown fields, refer Fields used in the Authentication Journey.

Creating Authentication Journey with Out of Band

To create an authentication journey with out of band, follow the below steps:

Choose an authentication type Out of Band from the drop-down list and click ADD.
Enter the below details.

Note: For details of these below shown fields, refer Fields used in the Authentication Journey.
Select SMS and/or Email to send the OTP along with the message to the end user.

Select Enable HTML for the use of HTML format contents through Email if you want to send formatted messages instead of plain text.
Click SAVE to add the authentication journey to the authentication journey list.

Creating Authentication Journey with Azure Directory Password

To create an authentication journey with Azure directory password, follow the below steps:

Choose an authentication type Azure Directory Password from the drop-down list and click ADD.
Enter the below details and click SAVE to add the authentication journey to the authentication journey list.

Note: For details of these below shown fields, refer Fields used in the Authentication Journey.

Creating Authentication Journey with PKI

To create an authentication journey with PKI, follow the below steps:

Choose an authentication type PKI from the drop-down list and click ADD.
Enter the below details and click SAVE to add the authentication journey to the authentication journey list.

Note: For details of these below shown fields, refer Fields used in the Authentication Journey.

Creating Authentication Journey with Passkey

To create an authentication journey with Passkey, follow the below steps:

Choose an authentication type Passkey from the drop-down list and click ADD.

Note: In an authentication journey, you can choose Passkey as either first or second factor authentication, not both.
Enter the below details and click SAVE to add the authentication journey to the authentication journey list.

Note: For details of these below shown fields, refer Fields used in the Authentication Journey.

Creating Authentication Journey with Contactless Card

To create an authentication journey with Contactless Card, follow the below steps:

Choose an authentication type Contactless Card from the drop-down list and click ADD.

Important: If the Contactless Card is not showing in the drop-down list of authentication type, then you need to enable the contactless cards in the configuration settings.
Enter the below details and click SAVE to add the authentication journey to the authentication journey list.

Note: For details of these below shown fields, refer Fields used in the Authentication Journey.

Creating Authentication Journey with PIN

To create an authentication journey with PIN, follow the below steps:

Choose an authentication type PIN from the drop-down list and click ADD.

Important: If the PIN is not showing in the drop-down list of authentication type, then you need to enable the PIN in the configuration settings.
Enter the below details and click SAVE to add the authentication journey to the authentication journey list.

Important: PIN cannot be used as a standalone authentication factor; it must always be combined with another factor for multi-factor authentication, either as a first or second factor.

Important: Enable the 'Forgot PIN' and 'Change PIN' toggle buttons as shown below to allow users to reset and/or change their PIN on the IdP login screen. If these options are not enabled here, they will not appear on the IdP login screen.

Note: For details of these below shown fields, refer Fields used in the Authentication Journey.

Note: Once the authentication journey is created, make sure that it has to be mapped to an application. Refer to OpenID Federated Application section for mapping.