Introduction
The flow chart below shows an example of the authentication process of the CoreOne Authentication Service. In particular, it shows the following sub-processes:
Subprocess | Description |
|---|---|
The Level of Authentication (LoA) describes the quality of the authentication. This can be defined per application and forces the user to perform certain login steps, such as multi-factor authentication. | |
External login / federation | External login or federation allows the user to apply to the application by using a different IdP. This can be, for example, a login through Google or SwissID. |
Registration through External Login | Describes the process of what happens when a user logs in using an external login if the user is not yet known in the local meta directory. |
Attribut Elevation | If additional information is required from the user to access an application, which is not yet available in the local meta directory, this information is retrieved. |
Email Verification | A one-time or periodic verification of the specified email address. |
Mobile Number Verification | |
Privacy policy and terms of use | The user must agree to the privacy and usage terms. These terms may be versioned. |
Consent / Consents | Depending on the configuration, the user must give his consent as to what information is transferred to the application. |
Step-Up-Authentication | |
Activate User | |
Reactivate User | |
Password Reset | |
Reauthentication |
Authentication Process
The following graphic shows the standard process. In certain places it is abbreviated for readability.
