120650cd0SRavi Tejadescription: > 220650cd0SRavi Teja This interface defines methods and properties required for Time-based 320650cd0SRavi Teja One-time Password (TOTP) multi-factor authentication at user level to 420650cd0SRavi Teja support multi-factor authentication secret key setup for each user. This 520650cd0SRavi Teja interface implemented by each user object to support TOTP based 620650cd0SRavi Teja authenticators like google, microsoft, etc. 720650cd0SRavi Teja 820650cd0SRavi Tejamethods: 920650cd0SRavi Teja - name: CreateSecretKey 1020650cd0SRavi Teja description: > 1120650cd0SRavi Teja This method setup Time-based One-time Password (TOTP) authenticator 1220650cd0SRavi Teja secret key for the given user and returns secret key string to share 1320650cd0SRavi Teja secret key to user. 1420650cd0SRavi Teja returns: 1520650cd0SRavi Teja - name: SecretKey 1620650cd0SRavi Teja type: string 1720650cd0SRavi Teja description: > 1820650cd0SRavi Teja Secret key string which will be shared to user to setup TOTP 1920650cd0SRavi Teja applications to generate TOTP token. 20*ad26251bSRavi Teja errors: 21*ad26251bSRavi Teja - xyz.openbmc_project.Common.Error.UnsupportedRequest 22*ad26251bSRavi Teja - xyz.openbmc_project.Common.Error.NotAllowed 2320650cd0SRavi Teja 2420650cd0SRavi Teja - name: VerifyOTP 2520650cd0SRavi Teja description: > 2620650cd0SRavi Teja This method verifies OTP with Time-based One-time Password 2720650cd0SRavi Teja authenticator secret key for the given user and returns weather this 2820650cd0SRavi Teja OTP is valid or not which make sure user has setup valid secret key 2920650cd0SRavi Teja for two factor authentication. 3020650cd0SRavi Teja parameters: 3120650cd0SRavi Teja - name: OTP 3220650cd0SRavi Teja type: string 3320650cd0SRavi Teja description: > 3420650cd0SRavi Teja One-time password string 3520650cd0SRavi Teja returns: 3620650cd0SRavi Teja - name: Status 3720650cd0SRavi Teja type: boolean 3820650cd0SRavi Teja description: > 3920650cd0SRavi Teja Returns true if provided OTP is valid otherwise returns false. 40*ad26251bSRavi Teja errors: 41*ad26251bSRavi Teja - xyz.openbmc_project.Common.Error.UnsupportedRequest 42*ad26251bSRavi Teja - xyz.openbmc_project.Common.Error.NotAllowed 4320650cd0SRavi Teja 445774060eSRavi Teja - name: ClearSecretKey 455774060eSRavi Teja description: > 465774060eSRavi Teja This method clears Time-based One-time Password authenticator secret 475774060eSRavi Teja key for the given user. 485774060eSRavi Teja errors: 495774060eSRavi Teja - xyz.openbmc_project.Common.Error.UnsupportedRequest 505774060eSRavi Teja - xyz.openbmc_project.Common.Error.NotAllowed 5120650cd0SRavi Tejaproperties: 52823f5c83SRavi Teja - name: SecretKeyGenerationRequired 53823f5c83SRavi Teja type: boolean 54823f5c83SRavi Teja default: false 55823f5c83SRavi Teja flags: 56823f5c83SRavi Teja - readonly 57823f5c83SRavi Teja description: > 58823f5c83SRavi Teja This property indicates whether TOTP authenticator secret key setup 59823f5c83SRavi Teja required for the given user to complete Time-based One-time Password 60823f5c83SRavi Teja authentication setup 61823f5c83SRavi Teja 6220650cd0SRavi Teja - name: SecretKeyIsValid 6320650cd0SRavi Teja type: boolean 6420650cd0SRavi Teja default: false 6520650cd0SRavi Teja description: > 6620650cd0SRavi Teja This property indicates whether TOTP authenticator secret key setup 6720650cd0SRavi Teja for the given user 6820650cd0SRavi Teja 6920650cd0SRavi Teja - name: BypassedProtocol 7020650cd0SRavi Teja type: enum[xyz.openbmc_project.User.MultiFactorAuthConfiguration.Type] 7120650cd0SRavi Teja default: None 7220650cd0SRavi Teja description: > 7320650cd0SRavi Teja User level multi-factor authentication bypass settings. This interface 7420650cd0SRavi Teja will be implemented by user D-bus object to support user's MFA bypass 7520650cd0SRavi Teja configuration. 76