OTPGetMethods mapping rule

Each delivery method includes the following attributes and their corresponding value:

id

Specifies a unique delivery method ID. This value replaces the @OTP_METHOD_ID@ macro in the OTP Method Selection page. Use a unique value across different methods. For example, sms.

deliveryType

Specifies the delivery plug-in that delivers the one-time password. The value must match one of the types in the DeliveryTypesToOTPDeliveryModuleIds parameter of the OTP response file. For example, sms_delivery.

deliveryAttribute

Specifies an attribute that is associated with the delivery type. The value depends on the one-time password provider plug-in for the delivery type. For example:

• For SMS delivery, the value is the mobile number of the user. For example, mobileNumber.
• For email delivery, the value is the email address of the user. For example, emailAddress.
• For no delivery, the value is an empty string.

label

Specifies the unique delivery method to the user. For time-based and counter-based one-time password, use this attribute to specify the secret key of the user. If label is not specified, the time-based and counter-based one-time password code retrieves the key by invoking the user information provider plug-in. This parameter replaces the @OTP_METHOD_LABEL@ macro in the OTP Method Selection page.

otpType

Specifies the one-time password provider plug-in that generates and verifies the password. The value must match one of the types in the OTPTypesToOTPProviderModuleIds parameter of the OTP response file. For example, mac_otp.

userInfoType

Specifies which user information provider plug-in to use to retrieve user information that is required to calculate the one-time password. This parameter is only required if user information is used for calculation of the one-time password.

You can also customize the mapping rule to use access control context data. For details see, Customizing one-time password mapping rules to use access control context data.