KBA Security Answer Definition Stage
In the context of registration, this stage supplies security questions to the user and captures the answers provided by the user.
The stage validates any answers against the user object. If the requirement is not met (incorrect number of questions answered correctly), the stage throws a bad request exception and increments the failure count of the managed user. If the requirement is met (correct number of questions answered correctly), the process advances to the next stage.
This stage also disallows users from entering custom questions that duplicate any questions defined by the administrator, regardless of the locale. It does this comparison by removing any special characters and making a lowercase comparison. For example, "What Is YoUr FaVorite COLOR????" would be evaluated as the same question as "what is your favorite color?".
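The duplicate check described above, sketched as an added example; this is not the stage's own code. It assumes "special characters" means anything other than Unicode letters, digits and whitespace, and it adds NFKC normalization and whitespace collapsing on top of what the page states. The questions map is constructed sample data with an assumed layout, and the function names are hypothetical.

```javascript
// Added illustration; not the stage's implementation.
// Constructed sample: administrator questions keyed by id, then by locale
// (layout assumed for this example).
const adminQuestions = {
  "1": {
    en: "What is your favorite color?",
    fr: "Quelle est votre couleur préférée ?"
  },
  "2": { en: "Who was your first employer?" }
};

// Reduce a question to its comparison form.
// Assumption: a "special character" is anything that is not a Unicode
// letter, digit or whitespace.
function normalizeQuestion(text) {
  return text
    .normalize("NFKC")                 // fold fullwidth and compatibility forms
    .toLowerCase()
    .replace(/[^\p{L}\p{N}\s]/gu, "")  // drop punctuation and symbols
    .replace(/\s+/g, " ")              // collapse runs of whitespace
    .trim();
}

// Compare a user-supplied question against every administrator question
// in every locale. Returns { id, locale } of the first match, or null.
function findDuplicate(customQuestion, questions) {
  const wanted = normalizeQuestion(customQuestion);
  if (wanted === "") return null;      // nothing left to compare
  for (const [id, byLocale] of Object.entries(questions)) {
    for (const [locale, text] of Object.entries(byLocale)) {
      if (normalizeQuestion(text) === wanted) return { id, locale };
    }
  }
  return null;
}

// The page's own example is rejected as a duplicate of question 1.
console.log(findDuplicate("What Is YoUr FaVorite COLOR????", adminQuestions));
// A question in another locale is caught even if the user's locale is "en".
console.log(findDuplicate("QUELLE EST VOTRE COULEUR PRÉFÉRÉE!!", adminQuestions));
// A genuinely new question passes.
console.log(findDuplicate("What was the name of your first pet?", adminQuestions));
```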
- Example configuration
{ "name" : "kbaSecurityAnswerDefinitionStage", "kbaConfig" : null },
- Dependencies
The stage depends on a previous stage to populate the user ID in state. It has no dependencies on following stages.
- Required Parameters
kbaConfig - reads the KBA configuration from the corresponding selfservice.kba.json file.