Package com.nimbusds.openid.connect.sdk.claims

Class AMR

java.lang.Object
com.nimbusds.oauth2.sdk.id.Identifier
com.nimbusds.openid.connect.sdk.claims.AMR
All Implemented Interfaces:
Serializable, Comparable<Identifier>, net.minidev.json.JSONAware
@Immutable public final class AMR extends Identifier
Authentication Method Reference (amr). It identifies the method used in authentication.

The AMR is represented by a string or an URI string.

Related specifications:

  • RFC 8176.
  • OpenID Connect Core 1.0, section 2.
See Also:

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final AMR
    EYE
    Deprecated.
    static final AMR
    FACE
    Biometric authentication (RFC 4949) using facial recognition.
    static final AMR
    FPT
    Biometric authentication (RFC 4949) using a fingerprint.
    static final AMR
    GEO
    Use of geolocation information for authentication, such as that provided by W3C REC-geolocation-API-20161108.
    static final AMR
    HWK
    Proof-of-Possession (PoP) of a hardware-secured key.
    static final AMR
    IRIS
    Biometric authentication (RFC 4949) using an iris scan.
    static final AMR
    KBA
    Knowledge-based authentication (NIST.800-63-2, ISO29115).
    static final AMR
    MCA
    Multiple-channel authentication (MCA).
    static final AMR
    MFA
    Multiple-factor authentication (NIST.800-63-2, ISO29115).
    static final AMR
    OTP
    One-time password (RFC 4949).
    static final AMR
    PIN
    Personal Identification Number (PIN) (RFC 4949) or pattern (not restricted to containing only numbers) that a user enters to unlock a key on the device.
    static final AMR
    POP
    Deprecated.
    static final AMR
    PWD
    Password-based authentication (RFC 4949).
    static final AMR
    RBA
    Risk-based authentication (Williamson, G., "Enhanced Authentication In Online Banking", Journal of Economic Crime Management 4.2: 18-19, 2006).
    static final AMR
    SC
    Smart card (RFC 4949).
    static final AMR
    SMS
    Confirmation using SMS text message to the user at a registered number.
    static final AMR
    SWK
    Proof-of-Possession (PoP) of a software-secured key.
    static final AMR
    TEL
    Confirmation by telephone call to the user at a registered number.
    static final AMR
    USER
    User presence test.
    static final AMR
    VBM
    Biometric authentication (RFC 4949) using a voiceprint.
    static final AMR
    WIA
    Windows integrated authentication (Microsoft, "Integrated Windows Authentication with Negotiate", September 2011).

    Fields inherited from class com.nimbusds.oauth2.sdk.id.Identifier

    DEFAULT_BYTE_LENGTH, secureRandom

  • Constructor Summary

    Constructors
    Constructor
    Description
    AMR(String value)
    Creates a new Authentication Method Reference (AMR) with the specified value.

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    equals(Object object)
     

    Methods inherited from class com.nimbusds.oauth2.sdk.id.Identifier

    compareTo, getValue, hashCode, toJSONString, toString, toStringList

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

  • Field Details

    • FACE

      public static final AMR FACE
      Biometric authentication (RFC 4949) using facial recognition.

    • FPT

      public static final AMR FPT
      Biometric authentication (RFC 4949) using a fingerprint.

    • GEO

      public static final AMR GEO
      Use of geolocation information for authentication, such as that provided by W3C REC-geolocation-API-20161108.

    • HWK

      public static final AMR HWK
      Proof-of-Possession (PoP) of a hardware-secured key. See Appendix C of RFC 4211 for a discussion on PoP.

    • IRIS

      public static final AMR IRIS
      Biometric authentication (RFC 4949) using an iris scan.

    • EYE

      @Deprecated public static final AMR EYE
      Deprecated.
      Retina scan biometric.

    • KBA

      public static final AMR KBA
      Knowledge-based authentication (NIST.800-63-2, ISO29115).

    • MCA

      public static final AMR MCA
      Multiple-channel authentication (MCA). The authentication involves communication over more than one distinct communication channel. For instance, a multiple-channel authentication might involve both entering information into a workstation's browser and providing information on a telephone call to a pre-registered number.

    • MFA

      public static final AMR MFA
      Multiple-factor authentication (NIST.800-63-2, ISO29115). When this is present, specific authentication methods used may also be included.

    • OTP

      public static final AMR OTP
      One-time password (RFC 4949). One-time password specifications that this authentication method applies to include RFC 4226 and RFC 6238.

    • PIN

      public static final AMR PIN
      Personal Identification Number (PIN) (RFC 4949) or pattern (not restricted to containing only numbers) that a user enters to unlock a key on the device. This mechanism should have a way to deter an attacker from obtaining the PIN by trying repeated guesses.

    • POP

      @Deprecated public static final AMR POP
      Deprecated.
      Proof-of-possession (PoP) of a key. See Appendix C of RFC 4211 for a discussion on PoP.

    • PWD

      public static final AMR PWD
      Password-based authentication (RFC 4949).

    • RBA

      public static final AMR RBA
      Risk-based authentication (Williamson, G., "Enhanced Authentication In Online Banking", Journal of Economic Crime Management 4.2: 18-19, 2006).

    • SC

      public static final AMR SC
      Smart card (RFC 4949).

    • SMS

      public static final AMR SMS
      Confirmation using SMS text message to the user at a registered number.

    • SWK

      public static final AMR SWK
      Proof-of-Possession (PoP) of a software-secured key. See Appendix C of RFC 4211 for a discussion on PoP.

    • TEL

      public static final AMR TEL
      Confirmation by telephone call to the user at a registered number. This authentication technique is sometimes also referred to as "call back" (RFC 4949).

    • USER

      public static final AMR USER
      User presence test. Evidence that the end user is present and interacting with the device. This is sometimes also referred to as "test of user presence" (W3C WD-webauthn-20170216).

    • VBM

      public static final AMR VBM
      Biometric authentication (RFC 4949) using a voiceprint.

    • WIA

      public static final AMR WIA
      Windows integrated authentication (Microsoft, "Integrated Windows Authentication with Negotiate", September 2011).

  • Constructor Details

    • AMR

      public AMR(String value)
      Creates a new Authentication Method Reference (AMR) with the specified value.
      Parameters:
      value - The AMR value. Must not be null.

  • Method Details