Skip to content

Latest commit

 

History

History
20 lines (16 loc) · 2.97 KB

PossessionConstraint.md

File metadata and controls

20 lines (16 loc) · 2.97 KB

Okta.Sdk.Model.PossessionConstraint

Properties

Name Type Description Notes
AuthenticationMethods List<AuthenticationMethodObject> This property specifies the precise authenticator and method for authentication. <x-lifecycle class=&quot;oie&quot;></x-lifecycle> [optional]
ExcludedAuthenticationMethods List<AuthenticationMethodObject> This property specifies the precise authenticator and method to exclude from authentication. <x-lifecycle class=&quot;oie&quot;></x-lifecycle> [optional]
Methods List<string> The Authenticator methods that are permitted [optional]
ReauthenticateIn string The duration after which the user must re-authenticate regardless of user activity. This re-authentication interval overrides the Verification Method object's `reauthenticateIn` interval. The supported values use ISO 8601 period format for recurring time intervals (for example, `PT1H`). [optional]
Required bool This property indicates whether the knowledge or possession factor is required by the assurance. It's optional in the request, but is always returned in the response. By default, this field is `true`. If the knowledge or possession constraint has values for `excludedAuthenticationMethods` the `required` value is false. <x-lifecycle class=&quot;oie&quot;></x-lifecycle> [optional]
Types List<string> The Authenticator types that are permitted [optional]
DeviceBound string Indicates if device-bound Factors are required. This property is only set for `POSSESSION` constraints. [optional] [default to DeviceBoundEnum.OPTIONAL]
HardwareProtection string Indicates if any secrets or private keys used during authentication must be hardware protected and not exportable. This property is only set for `POSSESSION` constraints. [optional] [default to HardwareProtectionEnum.OPTIONAL]
PhishingResistant string Indicates if phishing-resistant Factors are required. This property is only set for `POSSESSION` constraints. [optional] [default to PhishingResistantEnum.OPTIONAL]
UserPresence string Indicates if the user needs to approve an Okta Verify prompt or provide biometrics (meets NIST AAL2 requirements). This property is only set for `POSSESSION` constraints. [optional] [default to UserPresenceEnum.REQUIRED]
UserVerification string Indicates the user interaction requirement (PIN or biometrics) to ensure verification of a possession factor [optional] [default to UserVerificationEnum.OPTIONAL]

[Back to Model list] [Back to API list] [Back to README]