The MobileID app is an OTP app as well as an OOBA app. If a token is to be used for OOBA, then while the token is being installed, it must also be registered for OOBA operation.
Please note: 'Your-Dualshield-FQDN:8074' must be accessible to your mobile devices in order for the MobileID token to register for OOBA services.
There are several ways of installing a MobileID token. However, in order to register a token for OOBA, you must install the token by QR code or by link.
In the Domain list, select the domain that you want to work on, e.g. DeepnetMFA.com
If you click the "Search" button, it will list all users in the entire directory up to the query limit.
To narrow down your search, click the "Filter" button
Enter the user's login name, e.g. 2FA, then click the "Search" button (You can change the search filter or add more filters)
Once you have found the user account, click on its context menu icon "..." to bring up the context menu:
Click "Tokens" from the context menu
Now, click the token's context menu icon "..." to bring up its context menu:
Select "Display QR Code"
Find the MobileID token, click its context menu
Select "View QR Code" from its context menu
A token can be pushed to the user by the server automatically or pushed to the user manually by the administrator in the admin console. Either way, a message template called "Push Token" will be used to create the email message. Therefore, you must customize the Push Token message temple first if you want users to receive their token's QR code by email.
Customize Push Token Message Template
You must customize the message template according to your requirements.
SMTP Template
If you want the server to push OTP tokens to users by email, then you need to customize the SMTP Template
Navigate to Customization | Message Templates | Push Token | SMTP Templates
Typically, you would need to change the Sender, Subject, and Text field which is the body of the message.
There are 3 wildcards that you can use in the message body depending on your requirements
| Wildcard | Remarks | Examples |
|---|---|---|
[[LINK]] | This wildcard represents the download link of the user's MobileID token. Use this wildcard if you want to send the token's download link to the user. |
|
[[QRCODE]] | This wildcard represents the QR code image of the user's OTP token. Use this wildcard if you want to send the token's QR code to the user. |
|
[[AUTHZCODE]] | Depending on the token's policy, installing an OTP token might require an authorization code. This wildcard represents the authorization code of the user's token if it is required. |
You must select "HTML Format" if include the wirldcard [[QRCODE]] in the message text.
SMS Template
If you want the server to push OTP tokens to users by SMS message, then you need to customize the SMS Template
Navigate to Customization | Message Templates | Push Token | SMS Templates
Below is an example of the Push Token SMTP message template
Push Token Manually
The following procedure demonstrates how the system administrator can send the QR code to users by emails
Navigate to "Directory | Users", select the domain for your external directory, then for a selected user left click on the context menu and select "Tokens";
The token details for the selected user will now be show, left click on the context menu of the token to be pushed to the user then select the message channel to send the token (normally "By Email");
The QR code for the selected token will now be sent to the user by email.
End User Experience
Once the token has been sent to the user an email will arrive that includes the required QR code (example below);
Now, open the MobileID app on your smartphone
click the menu icon on the top-left corner
select Scan to start the QR code
In the process of installing a token, you will be asked if they want to register the token for OOBA. You must press the "REGISTER" button
