Configuration: Allowed Registration Factors
🎯 Purpose
Determines which authentication factors users can register and set up during the account activation process. This configuration shapes the initial user onboarding experience and defines available security options.
📍 Configuration Location
- Module: Auth Server
- Configuration Name:
allowed.reg.factors - Access Path:
Module Config Management → Auth Server → allowed.reg.factors
📊 Available Configuration Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
rememberMe | boolean | true | Allow browser saving during activation |
smsOtp | boolean | true | Enable SMS OTP registration option |
emailOtp | boolean | true | Enable Email OTP registration option |
password | boolean | true | Enable password creation during activation |
securityQA | boolean | false | Enable security questions for account recovery |
🔧 Parameter Details
🌐 rememberMe (Registration)
- Function: Controls browser remembering option during activation
- When Enabled: "Remember Me" checkbox appears on activation screens
- User Impact: Users can immediately trust their browser after activation
- Security Consideration: Balances convenience vs. security for new users
- Workflow: Checkbox available alongside password and factor setup
📲 smsOtp (Registration)
- Function: Enables SMS OTP as registration option during activation
- When Enabled: SMS appears as second factor choice during setup
- User Process: Users can register mobile number and verify via SMS
- Alternative: Works alongside emailOtp as second factor option
- Requirement: SMS service must be properly configured
📧 emailOtp (Registration)
- Function: Enables Email OTP as registration option during activation
- When Enabled: Email appears as second factor choice during setup
- User Process: Users can register email address and verify via email
- Alternative: Works alongside smsOtp as second factor option
- Requirement: Email service must be properly configured
🔒 password (Registration)
- Function: Controls password creation option during activation
- When Enabled: Users can set up password-based authentication
- When Disabled: Passwordless activation flow enforced
- Impact: Affects both web and mobile app authentication options
- Security: Provides traditional authentication factor option
❓ securityQA (Registration)
- Function: Enables security question and answer setup
- When Enabled: Users prompted to create security questions during activation
- Purpose: Provides account recovery method through knowledge-based authentication
- User Experience: Additional step in activation process
- Recovery Use: Questions used during account recovery IDV process
📋 Registration Flow Impact Matrix
| Configuration | Enabled State | User Sees During Activation | Impact on User Options |
|---|---|---|---|
rememberMe = true | ✅ Enabled | "Remember Me" checkbox | Can trust browser immediately |
rememberMe = false | ❌ Disabled | No browser saving option | Must authenticate fully next time |
smsOtp = true | ✅ Enabled | SMS as 2FA option | Can use mobile number for auth |
smsOtp = false | ❌ Disabled | No SMS option | Must use other 2FA methods |
emailOtp = true | ✅ Enabled | Email as 2FA option | Can use email address for auth |
emailOtp = false | ❌ Disabled | No email option | Must use other 2FA methods |
password = true | ✅ Enabled | Password creation fields | Traditional password auth available |
password = false | ❌ Disabled | No password setup | Passwordless activation only |
securityQA = true | ✅ Enabled | Security questions setup | Q&A available for recovery |
securityQA = false | ❌ Disabled | No security questions | No Q&A recovery method |
🔄 Registration Process Flow
Standard Activation Flow (Most Options Enabled)
- Password Setup: User creates password (if
password = true) - Browser Option: User chooses to remember browser (if
rememberMe = true) - Second Factor Selection: User chooses between SMS or Email (based on enabled options)
- Factor Registration: User completes chosen second factor setup
- Security Questions: User creates Q&A pairs (if
securityQA = true) - Completion: User redirected to configured endpoint
Minimal Configuration Flow
- REL-ID Mobile Only: User activates with mobile app factors only
- No Web Factors: Skip password, SMS, and email setup
- Mobile Dependencies: User must have REL-ID mobile app
- Limited Recovery: Fewer account recovery options available
🎯 Configuration Scenarios and Use Cases
🏢 Enterprise Security Scenario
🌐 Consumer-Friendly Scenario
📱 Mobile-First Scenario
Updated 15 days ago