Step 8: Configure Authentication Notifications
In order to verify the identity of the user attempting to reset a password, a one-time passcode (OTP) must be sent to them via email or SMS. This article will lead you through configuring the notification templates and the events that send the notifications.
Note
Both sending emails and SMS messages require additional configuration within NIM. See the following articles for more information:
Add an Email Template
Navigate to Events > Templates.
Click the Add button.
Provide a name for the new template (e.g., "employee_password_reset_email") and click Create.
In the Notification event dropdown, select password-reset-code-email:<your password reset profile name>.
Next to the To field, click Insert variable. Find and select the "data.vprConfirmationCodeAddress" variable and click Insert.
Note
When the message is sent, data.vprConfirmationCodeAddress will resolve to the value of the email address that is associated to the end user. This is the email address that you mapped to one of the MailAddress fields in Step 5.
Provide a suitable subject for the message.
Fill out the body of the email as you see fit, but be sure to click the
button and insert the data.vprConfirmationCode variable.Note
When the message is sent, data.vprConfirmationCode will resolve to the generated OTP code. The end user will need to supply this code back to NIM in order to positively identify themselves and reset their password.
Click Save.
Add an Email Notification Event Action
Now that the email notification template has been created, you will need to specify the action that will send the notification to the end user.
Navigate to Events > Actions.
Click the Add button.
In the Event type dropdown, select password-reset-code-email.
In the Event name dropdown, select the password reset profile that you created in Step 4.
In the Template dropdown of the newly-added record, select the name of the email template you created earlier.
Click Save.
Add an SMS Template
Important
OTP sent over SMS requires additional configuration and licensing for NIM. If you are not currently licensed for SMS features, please contact your sales representative.
Navigate to Events > Templates.
Click the Add button.
Provide a name for the new template (e.g., "employee_password_reset_sms") and click Create.
In the Notification event dropdown, select password-reset-code-sms:<your password reset profile name>.
Change the Notification type dropdown to SMS
Next to the To field, click Insert variable. Find and select the "data.vprConfirmationCodeAddress" variable and click Insert.
Note
When the message is sent, data.vprConfirmationCodeAddress will resolve to the value of the phone number that is associated to the end user. This is the phone number that you mapped to one of the SmsPhoneNumber fields in Step 5.
Fill out the message field of the email as you see fit, but be sure to insert the data.vprConfirmationCode variable.
Note
When the message is sent, data.vprConfirmationCode will resolve to the generated OTP code. The end user will need to supply this code back to NIM in order to positively identify themselves and reset their password.
Click Save.
Add an SMS Notification Event Action
Now that the SMS notification template has been created, you will need to specify the action that will send the notification to the end user.
Navigate to Events > Actions.
Click the Add button.
In the Event type dropdown, select password-reset-code-sms.
In the Event name dropdown, select the password reset profile that you created in Step 4.
In the Template dropdown of the newly-added record, select the name of the email template you created earlier.
Click Save.
Next, publish your password reset application to your organization.