Open APIs

 View Only
  • 1.  OTP

    Posted Jul 12, 2019 10:22
    Is there a openapi spec for OTP ?

    ------------------------------
    Anelisa Mhlongo
    Deloitte
    ------------------------------


  • 2.  RE: OTP

    TM Forum Member
    Posted Sep 22, 2020 11:04
    Good day,
    If we are talking of OTP as One Time Password
    I think it is responsibility of  Your auth provider (oAuth2) to support OTP as an auth method and grant an access scope to the client via API access token.
    Than needed  API URI's and methods can be assigned to the same auth scope to grant an access.
    --
    SY

    ------------------------------
    Sergey Yakovlev
    Telekom Austria AG
    ------------------------------



  • 3.  RE: OTP

    TM Forum Member
    Posted Sep 23, 2020 04:26
    Hi

    Currently user management (i.e. identification and authentication), including one-time passwords, multi-factor authentication flows, and so on is not within the scope of the Open API framework. As Sergey writes, you would have to interface to your chosen provider to do this.

    It is not clear to me that there is value in creating Open API wrappers in this area, but maybe others feel differently.

    ------------------------------
    Jonathan Goldberg
    Amdocs Management Limited
    Any opinions and statements made by me on this forum are purely personal, and do not necessarily reflect the position of the TM Forum or my employer.
    ------------------------------