The Default Time-Based OTP Provider page (Usage > Default Time-Based OTP Provider) lists all users who have started to install and set up a time-based, one-time password (OTP) app on their mobile device. The page displays the user’s Username, Status, and Identity Provider. The user’s status can be one of the following:
Not Verified. Client devices have started the initialization process but have not yet verified completion.
Verified. Client devices have successfully initialized and seeded the authenticator app.
Deployment of the OTP app is managed automatically by the Controller and client. The client provides links and instructions to guide the user through the process, and displays a QR code to seed the app. The Controller recognizes that the app has been successfully installed and seeded when the user enters a valid OTP. Until that point, the OTP setup is treated as not yet complete and the seed will be marked as Not Verified.
Background information
Read the following for more information:
To learn about device trust, see the Multi-stage authorization section.
See the Identity Provider Configuration section to learn about how to configure the onboarding of new devices.
See the Device Registration section to learn about the client onboarding cookie.
Action Buttons
Action buttons are accessed by clicking the three dots icon (
) to the right of each line item in the page or from the <Actions> button within the item. They are contextual, changing depending on the type of item and the state of the item. The Action button in the Default Time-Based OTP Provider Seeds page displays the following option:
Remove Seed. Removes the OTP seed. Removing the seed will restart the OTP initialization process on the user's device. Once the seed is deleted, the OTP initialization will be triggered when the user attempts to access the protected resource.