Otp

Otp class implementing multi-factor authentication. Contains the majority of MFA logic. Employ methods of this class specifically in cases of OTP.

Method	Description	Available from version
activate	Activates OTP for user.
canSkipMandatory	Verifies if a user can skip OTP.
canSkipMandatoryByRights	Verifies, if user access permissions require to connect OTP.
deactivate	Deactivates OTP for user for a necessary number of days or permanently.
defer	Defers a required OTP for a necessary period of days or permanently.
delete	Deletes OTP entries from database.	14.5.6
getAlgorithm	Returns instance of used OTP algorithm.
getAppSecret	Returns generated mobile app token, used for manual device initialization.
getAttempts	Returns counter of verification attempts.
getAvailableTypes	Returns available OTP algorithm types.
getByType	Returns new instance with required OTP algorithm.
getByUser	Returns new instance for the user by its ID.
getContext	Returns context for current query.
getDefaultType	Returns default type of OTP algorithm.
getDeferredParams	Returns deferred parameters.
getHexSecret	Returns a secret, re-coded into hexadecimal notation.
getIssuer	Returns provider or service ID parameter.
getLabel	Returns label for provider or service ID parameter.
getMandatoryRights	Returns set of user access permissions with mandatory OTP use.
getParams	Returns user parameters (for example, counter for HotpAlgorithm - `\Bitrix\Security\Mfa\HotpAlgorithm`).
getProvisioningUri	Returns URL for connecting mobile device according to KeyUriFormat.
getSecret	Returns generated secret.
getSkipMandatoryDays	Returns a time period (in days) for setting a required OTP.
getSyncParameters	Returns synchronized user parameters.
getType	Returs employed OTP algorithm type.
getTypesDescription	Returns description for available OTP algorithms.
getUserId	Returns user ID, attached to OTP instance.
getUserLogin	Returns user login.
isActivated	Returns OTP active status.
isAttemptsReached	Verifies if number of authorization attempts, allowed by security policy, has been exceeded.
isCaptchaRequired	Defines, if user can enter captcha code, before providing OTP password.
isMandatorySkipped	Returns `true` when user can skip the required OTP.
isMandatoryUsing	Defines, if required OTP is activated.
isOtpEnabled	Verifies, if OTP feature is enabled.
isOtpRequired	Returns `true` when user can enter OTP from user's device.
isOtpRequiredByMandatory	Returns `true`, if user does not use OTP, but OTP is required and the number of connection days has expired.
isRecoveryCodesEnabled	Defines if recovery codes are enabled.
regenerate	Re-initializes OTP (new arbitrary token is generated (secret), standard algorithm is set and etc.).
save	Saves all OTP data into database.
setActive	Sets new activation status.
setAppSecret	Sets new secret for mobile app.
setContext	Sets context for current query.
setDefaultType	Sets OTP algorithm type by default.
setDeferredParams	Sets or deletes deferred parameters.
setHexSecret	Sets new secret in hexadecimal notation.
getInitialDate	Returns date of OTP initializations.
setIssuer	Sets provider or service user ID parameter.
setLabel	Sets a user label.
setMandatoryRights	Sets OTP as required for user.
setMandatoryUsing	Method activates or deactivates OTP.
setSecret	Sets new secret.
setSkipMandatoryDays	Method defines period (in days) for skipping a required OTP.
setType	Sets new type of OTP algorithm.
setUserInfo	Sets new user information.
setUserLogin	Sets user login.
syncParameters	Synchronizes user data for input.
syncParameters	Synchronizes user parameters for input.
verify	Confirms user inputted data.
verifyUser	Responsible for complex OTP verification.