standards based protocols
Two-factor authentication (2FA) requires a user to provide two forms of identity to gain access to a protected resource or data. After a user supplies a username and a password, the app sends the user a confirmation code through SMS or Email. The user must enter that confirmation code before access to the app is granted.
How It Works
The following diagram depicts the sign-in flow:
In terms of the OpenID Connect (OIDC) specifications, the Web App is the Relying Party, and the ForgeRock Identity Cloud is the Authorization Server. See The OpenID Foundation Specifications.
For questions or feedback, contact us.