Resetting the one-time password policy for a user in Keycloak

If multi-factor authentication is enabled for HCL OneTest Server, and a user is not able to log in because the mobile device that generates an OTP is lost, the user must request the Server Administrator to reset their credentials. The Server Administrator must reset the credentials of the user so that the user can register the mobile device again.

Before you begin

You must have completed the following tasks:

About this task

When as a Server Administrator, you configure and enable a one-time password (OTP) authentication policy in Keycloak, all users who attempt to log into HCL OneTest Server must provide their password and an OTP. Users must install the OTP generators on their mobile devices and register their mobile devices with Keycloak.

If a user loses the mobile device that has the OTP generators installed, then that user cannot provide an OTP to log into HCL OneTest Server.

You must then delete the stored credentials of the user for the OTP authentication in Keycloak and re-enable the OTP action for the user. The user must register the new device again for OTP authentication.

Procedure

  1. Click Users in the navigation pane.

    The Users page is displayed.

  2. Search for the user by entering the username of the user in the Search field.
  3. Click the username that is displayed as a result of the search.

    The User details page is displayed.

  4. Click the Credentials tab.
  5. Click the menu icon Image of the menu icon. in the row of Otp, and then click Delete.
    Image of the user page for deleting the otp.
  6. Click Delete in the Delete credentials? dialog.
    Image of the Delete credential dialog.
    The saved details of the OTP credential are removed for the user.Image of the user page with the otp credential removed.
  7. Click the Details tab on the User page.
  8. Select the Configure OTP option from the Required user actions list.
    Image of adding the Configure OTP option.
  9. Click Save.
    When the user attempts to sign in or log into HCL OneTest Server, the Authenticator Setup dialog is displayed, and the user can register their new device for the OTP authentication with Keycloak.

Results

You reset the OTP policy for a user.