SMS Two Factor Authentication (Dual Factor Authentication) is a security verification procedure, which is triggered through a user logging into a website, software or application. In the log-in process, the user is automatically sent an SMS to their mobile number containing a unique numeric code.
There are a number of organizations providing this service and as long as they have well documented REST API’s you can easily integrate AEM Forms using the data integration capabilities of AEM Forms. For the purpose of this tutorial, I have used Nexmo to demonstrate the SMS 2FA use case.
The following steps were followed to implement the SMS 2FA with AEM Forms using Nexmo Verify service.
Create a developer account with Nexmo. Make a note of the API Key and API Secret Key. These keys are needed to invoke REST API’s of the Nexmo’s service.
OpenAPI Specification (formerly Swagger Specification) is an API description format for REST APIs. An OpenAPI file allows you to describe your entire API, including:
To create your first swagger/OpenAPI file, please follow the OpenAPI documentation
AEM Forms supports OpenAPI Specification version 2.0 (fka Swagger).
Use the swagger editor to create your swagger file to describe the operations that send and verify OTP code sent using SMS. The swagger file can be created in JSON or YAML format. The completed swagger file can be downloaded from here
To integrate AEM/AEM Forms with third party applications, we need to REST based data source using the swagger file in the cloud services configuration. The completed data source is provided to you as part of this course assets.
AEM Forms data integration provides an intuitive user interface to create and work with form data models. A form data model relies on data sources for exchange of data.
The completed form data model can be downloaded from here