nfactor DualAuth Logon Schema and Radius OTP challenge Buttons

[Danny Lin1709161803]

Hi Citrix Masters and Gurus, 

 

Currently using the standard default NoSchema Ldap. with nextfactor auth to a Radius Authentication server policy action.  (One Identity Starling 2FA solution)

 

  -Everything works except during the OTP challenge page, users have to manually type in the method of delivery instead.   Text string format (SMS, Phone, Push, or the Code on the App)

 

My goal is to see if we can add response buttons at the OTP factor / challenge step,  so that users do not have to type "SMS", "phone" or "push" to get the code sent to their already registered cell numbers from the 2fa solution.

 

Question:  Does this take creating a custom logon schema XML, define policies bindings and define http body respond expressions in order to make the 3 buttons display during the Authentication factor-> Radius ->  OTP challenge?  Shown in the mock up picture that allows the user to push buttons to respond to a token challenge string.

 

*we've tried to follow Cisco's Duo MFA guide from https://blogs.serioustek.net/post/2018/04/27/duo-prompt-and-netscaler-nfactor-auth, -Thanks Jake for the great write up!  But DUO is a more mature solution that uses different service ports for each toke delivery action (sms, phone, push).  It also have built in support for iframe / rfwebui.  

 

One Identity Starling Radius only supports basic Radius OTP string response to initiate the method of token delivery it seems.

 

Thanks in advance.