How to Configure OAM for One-Time Passwords for Use with the Oracle Mobile Authenticator Application (Doc ID 2307570.1)

Last updated on SEPTEMBER 15, 2017

Applies to:

Oracle Access Manager - Version 11.1.2.3.0 and later
Oracle Mobile and Social - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Goal

How to configure OAM for second factor authentication (SFA) allowing end-users to enter a one-time PIN (OTP) number displayed in the Oracle Mobile Authenticator (OMA) application on a mobile device. 

The one-time PIN is time-based meaning that any specific PIN in only valid for a set amount of time. After that time period has expired then a new PIN is required to complete the SFA login step. The PIN is generated based off of a shared secret key that is known to both the OAM server and the OMA application. 

The steps listed below should work correctly for both Android and iOS devices.

Note that this note covers the time-based one-time PIN option only. While the configuration of push notifications with the OMA application covers some of the same pieces (such as OMA and the AdaptiveAuthentication scheme) the configuration is much more complex and not covered in this document.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms