RelayAuthenticator
Note
Used to relay authentication to another device via a QR code. When the QR code is scanned, the user verifies its intention to authenticate by entering a short one-time code visible once the QR code is scanned, and then proceeds to authenticate via the configured authenticator.
The current theme, localization files, and sso group id will be used for the relayed session, meaning if you use a RelayAuthenticator for "IDP 1", and the device that scans the QR code has a valid SSO session for "IDP 1", it will SSO once you complete the one-time-code challenge.
Properties
| Name | Description | Default value | Mandatory |
|---|---|---|---|
| authenticatorId | The authenticator to use for the authentication, once the QR code is scanned. | N/A | Yes |
| baseUrlOverride | Override incase the automatic base url detection does not work due to proxy settings or similar. Example: https://my.pas.server | N/A | No |
| qrCodeValidityMinutes | Amount of minutes the QR code is scannable before expiring. | 2 | No |
| totalTimeLimitMinutes | Total time limit for the relayed authentication. Once this time limit hits the authentication needs to be restarted. | 10 | No |
Example Configuration
{
"alias": "relay",
"name": "RelayAuthenticator",
"configuration": {
"authenticatorId": "my_other_authenticator_id"
},
"id": "<unique_id>"
}