Package com.nimbusds.openid.connect.sdk.claims

Class AMR

  • All Implemented Interfaces:
    Serializable, Comparable<Identifier>, net.minidev.json.JSONAware
    @Immutable
public final class AMR
extends Identifier
    Authentication Method Reference (amr). It identifies the method used in authentication.

    The AMR is represented by a string or an URI string.

    Related specifications:

    • RFC 8176.
    • OpenID Connect Core 1.0, section 2.
    See Also:
    Serialized Form

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static AMR EYE
      Deprecated.
      static AMR FACE
      Biometric authentication (RFC 4949) using facial recognition.
      static AMR FPT
      Biometric authentication (RFC 4949) using a fingerprint.
      static AMR GEO
      Use of geolocation information for authentication, such as that provided by W3C REC-geolocation-API-20161108.
      static AMR HWK
      Proof-of-Possession (PoP) of a hardware-secured key.
      static AMR IRIS
      Biometric authentication (RFC 4949) using an iris scan.
      static AMR KBA
      Knowledge-based authentication (NIST.800-63-2, ISO29115).
      static AMR MCA
      Multiple-channel authentication (MCA).
      static AMR MFA
      Multiple-factor authentication (NIST.800-63-2, ISO29115).
      static AMR OTP
      One-time password (RFC 4949).
      static AMR PIN
      Personal Identification Number (PIN) (RFC 4949) or pattern (not restricted to containing only numbers) that a user enters to unlock a key on the device.
      static AMR POP
      Deprecated.
      static AMR PWD
      Password-based authentication (RFC 4949).
      static AMR RBA
      Risk-based authentication (Williamson, G., "Enhanced Authentication In Online Banking", Journal of Economic Crime Management 4.2: 18-19, 2006).
      static AMR SC
      Smart card (RFC 4949).
      static AMR SMS
      Confirmation using SMS text message to the user at a registered number.
      static AMR SWK
      Proof-of-Possession (PoP) of a software-secured key.
      static AMR TEL
      Confirmation by telephone call to the user at a registered number.
      static AMR USER
      User presence test.
      static AMR VBM
      Biometric authentication (RFC 4949) using a voiceprint.
      static AMR WIA
      Windows integrated authentication (Microsoft, "Integrated Windows Authentication with Negotiate", September 2011).

    • Constructor Summary

      Constructors 
      Constructor Description
      AMR​(String value)
      Creates a new Authentication Method Reference (AMR) with the specified value.

    • Field Detail

      • FACE

        public static final AMR FACE
        Biometric authentication (RFC 4949) using facial recognition.

      • FPT

        public static final AMR FPT
        Biometric authentication (RFC 4949) using a fingerprint.

      • GEO

        public static final AMR GEO
        Use of geolocation information for authentication, such as that provided by W3C REC-geolocation-API-20161108.

      • HWK

        public static final AMR HWK
        Proof-of-Possession (PoP) of a hardware-secured key. See Appendix C of RFC 4211 for a discussion on PoP.

      • IRIS

        public static final AMR IRIS
        Biometric authentication (RFC 4949) using an iris scan.

      • KBA

        public static final AMR KBA
        Knowledge-based authentication (NIST.800-63-2, ISO29115).

      • MCA

        public static final AMR MCA
        Multiple-channel authentication (MCA). The authentication involves communication over more than one distinct communication channel. For instance, a multiple-channel authentication might involve both entering information into a workstation's browser and providing information on a telephone call to a pre-registered number.

      • MFA

        public static final AMR MFA
        Multiple-factor authentication (NIST.800-63-2, ISO29115). When this is present, specific authentication methods used may also be included.

      • OTP

        public static final AMR OTP
        One-time password (RFC 4949). One-time password specifications that this authentication method applies to include RFC 4226 and RFC 6238.

      • PIN

        public static final AMR PIN
        Personal Identification Number (PIN) (RFC 4949) or pattern (not restricted to containing only numbers) that a user enters to unlock a key on the device. This mechanism should have a way to deter an attacker from obtaining the PIN by trying repeated guesses.

      • POP

        @Deprecated
public static final AMR POP
        Deprecated.
        Proof-of-possession (PoP) of a key. See Appendix C of RFC 4211 for a discussion on PoP.

      • PWD

        public static final AMR PWD
        Password-based authentication (RFC 4949).

      • RBA

        public static final AMR RBA
        Risk-based authentication (Williamson, G., "Enhanced Authentication In Online Banking", Journal of Economic Crime Management 4.2: 18-19, 2006).

      • SC

        public static final AMR SC
        Smart card (RFC 4949).

      • SMS

        public static final AMR SMS
        Confirmation using SMS text message to the user at a registered number.

      • SWK

        public static final AMR SWK
        Proof-of-Possession (PoP) of a software-secured key. See Appendix C of RFC 4211 for a discussion on PoP.

      • TEL

        public static final AMR TEL
        Confirmation by telephone call to the user at a registered number. This authentication technique is sometimes also referred to as "call back" (RFC 4949).

      • USER

        public static final AMR USER
        User presence test. Evidence that the end user is present and interacting with the device. This is sometimes also referred to as "test of user presence" (W3C WD-webauthn-20170216).

      • VBM

        public static final AMR VBM
        Biometric authentication (RFC 4949) using a voiceprint.

      • WIA

        public static final AMR WIA
        Windows integrated authentication (Microsoft, "Integrated Windows Authentication with Negotiate", September 2011).

    • Constructor Detail

      • AMR

        public AMR​(String value)
        Creates a new Authentication Method Reference (AMR) with the specified value.
        Parameters:
        value - The AMR value. Must not be null.