Hi Malithi,

If you want to re-scan the QR code, you have to deselect the Enable
TOTP claim in the dashboard; this will automatically remove the secret key
claim from the user profile.
BTW, this will work for both local and federated users once you
deselect the Enable TOTP claim from the dashboard, because in the
federated scenario, based on the use cases, the user has to be created in the
local user store. If you are not setting any use case, then the default (local)
use case will be applied in the federation scenario. Please refer to the
documentation [1] for more info.

[1]
https://docs.wso2.com/display/ISCONNECTORS/Configuring+TOTP+Authenticator

Thanks


Kanapriya Kuleswararajan
Software Engineer | WSO2
Mobile : - 0774894438
Mail : - kanapr...@wso2.com
LinkedIn : - https://www.linkedin.com/in/kanapriya-kules-94712685/
<https://www.linkedin.com/in/hariprasath-thanarajah-5234b660>

On Mon, Oct 23, 2017 at 11:51 PM, Malithi Edirisinghe <malit...@wso2.com>
wrote:

> Hi Team,
>
> I configured two step authentication with google federated authentication
> and TOTP for a service provider; i.e., the first step is configured to use
> Google as the federated IdP, and the second step is TOTP.
> Both 'authenticationMandatory' and 'enrolUserInAuthenticationFlow' are set
> to true in the TOTP authenticator configuration in the
> application-authentication.xml file, such that TOTP is enforced and can
> enrol the user during login.
>
> Now, when trying to access the SP, the Google login page popped up, for which
> user credentials were provided and authenticated. Then, in the next step,
> TOTP proposed to enrol the user by scanning the QR code, which was done. The
> federated user logged in successfully.
>
> Now, suppose I want to refresh the secret key of this account or clear it,
> such that the user needs to scan the QR code again. This could be done for
> a local user as the secret key was stored under the
> 'http://wso2.org/claims/identity/secretkey' claim. But for the user
> federated over Google this could not be done, and I'm not sure where we
> store the secret key for this account.
>
> Appreciate your input.
>
> Thanks,
> Malithi.
>
> --
>
> *Malithi Edirisinghe*
> Associate Technical Lead
> WSO2 Inc.
>
> Mobile : +94 (0) 718176807
> malit...@wso2.com
>