OneSpan Auth VDP User Register node

This node registers users to authenticate using the virtual one-time password (VOTP). You can design a user registration journey with this node on its own. You can also position this node after the OneSpan Auth User Register node. Both IAA and OCA authentication can use VDP delivery.

Compatibility

Product	Compatible?
Advanced Identity Cloud	Yes
PingAM (self-managed)	Yes
Ping Identity Platform (self-managed)	Yes

Product

Compatible?

Advanced Identity Cloud

Yes

PingAM (self-managed)

Yes

Ping Identity Platform (self-managed)

Yes

Inputs

This node requires the following inbound data:

Description	Attribute name	Source
Username	As specified in the property	Shared state
Password (optional)	As specified in user attributes	Transient state
User attributes	As specified in the property	Shared state

Description

Attribute name

Source

Username

As specified in the property

Shared state

Password (optional)

As specified in user attributes

Transient state

User attributes

As specified in the property

Shared state

This node uses input from OneSpan Auth VDP User Registration node and another node that collects the VOTP delivery method.

Dependencies

To use this node, you should have already set up Advanced Identity Cloud integration with OneSpan, as mentioned in Set up.

Configuration

The configurable properties for this node are:

Property	Usage
IAA Domain	The domain in which the user account resides. In a sandbox, the domain is the same as your tenant name.
User Name In SharedState	The key parameter in shared state that represents the OneSpan IAA username.
VDP Delivery Method	The mode in which VOTP is delivered. The available values are SMS, Email, Voice, and Default.
User Attributes	Supplementary information for registration in the key-value pair form: Click Add. In the Key field, enter the JSON attribute as defined in API schema. In the Value field, enter the name of the shared state attribute. For example, given a pair such as `emailAddress` : `"emailAddress"`, the node searches for the first occurrence of the key `emailAddress` in the shared state, and adds a pair `emailAddress` : `"valueInSharedState"` to the OneSpan API payload. To edit an entry, click the [.label]#Pencil# icon (). To remove an entry, click the [.label]#Delete# icon ().

Property

Usage

IAA Domain

The domain in which the user account resides. In a sandbox, the domain is the same as your tenant name.

User Name In SharedState

The key parameter in shared state that represents the OneSpan IAA username.

VDP Delivery Method

The mode in which VOTP is delivered. The available values are SMS, Email, Voice, and Default.

User Attributes

Supplementary information for registration in the key-value pair form:

Click Add.
In the Key field, enter the JSON attribute as defined in API schema.

In the Value field, enter the name of the shared state attribute.

For example, given a pair such as `emailAddress` : `"emailAddress"`, the node searches for the first occurrence of the key `emailAddress` in the shared state, and adds a pair `emailAddress` : `"valueInSharedState"` to the OneSpan API payload.

To edit an entry, click the [.label]#Pencil# icon ().

To remove an entry, click the [.label]#Delete# icon ().

Outputs

If an error occurs, an error message with the key ostid_error_message is output to the shared state.

Outcomes

Success: If the user exists, then this node invokes the Update user API. If the user entry isn’t found, this node invokes the Create a user API.
Error: An error message with the key ostid_error_message is output to the shared state.

Errors

This node logs an error message with the key ostid_error_message and the reason why the user registration for VDP wasn’t successful.

Troubleshooting

If this node logged an error, review the log messages for the transaction to find the reason for the exception.

Examples

This example describes an authentication journey to register a user for VOTP authentication:

In the initial login page, the user enters their username and the required VDP delivery information, such as their virtual email or phone number.
The OneSpan VDP User Register node determines if there’s an unassigned VIR10 authenticator available in the tenant. It also determines if the user isn’t already assigned a VIR10 authenticator.
If the user hasn’t been assigned a VIR10 authenticator, the OneSpan Auth Assign Authenticator node assigns a VIR10 authenticator to the user.
The OneSpan Sample Error Display node displays if the VIR10 authenticator assignment failed and lets you retry registration.