Configure conditional authentication
# Configure conditional authentication
Given below are the high-level steps for enabling conditional authentication in your application.
# Enable conditional authentication
To enable conditional authentication:
On the Asgardeo Console, click Applications.
Select the application for which you wish to apply a conditional login flow and go to its Login Flow tab.
Click Start with default configuration to define the login flow starting with the
username and password
login.Turn on Conditional Authentication by switching the toggle on. You can define your conditional authentication script in the editor.
Important
As a security measure, Asgardeo does not allow the usage of two consecutive periods (
..
) in authentication scripts.
# Add conditional authentication script
There are two ways to add a conditional authentication script:
- Use a predefined template.
- Write a new conditional auth script.
# Add a secret to the script
Secrets securely store values associated with external APIs. These secret values are used in conditional authentication scripts when Asgardeo is required to interact with an external API (service endpoint) during the authentication process. You can securely store these secret values on the Asgardeo Console and retrieve them whenever required for conditional authentication.
# Create a new secret
To add a new secret:
On the Asgardeo Console, go to Applications.
Select your application and go to the Sign-in Method tab .
Add a new secret from your preferred editor:
Using the Classic Editor
Enable conditional authentication and click the key icon above the script to create a new secret.
Using the Visual Editor
Switch to the Visual Editor tab, expand the Script Editor and click Add Secret.
Click Create new secret from the drop-down menu.
Enter the following details:
Parameter Description Secret Name A meaningful name for the secret. This name is not changeable. Secret Value You can enter the secret value that is 1
to2048
bits in length.Secret Description A short description for the secret. Click Finish to complete the creation.
# Delete an existing secret
To delete an existing secret:
On the Asgardeo Console, go to Applications.
Select your application and go to the Sign-in Method tab .
Delete the secret by using your preferred editor:
Using the Classic Editor
Enable conditional authentication and click the key icon above the script to delete a secret.
Using the Visual Editor
Switch to the Visual Editor tab, expand the Script Editor and click Add Secret.
Click the trash icon next to the secret you wish to delete.
Select the checkbox and confirm your action.