why the queries of FetchSecAuthOTPTask is executed while GetOTPTask call


Article ID: 102680


Updated On:


CA Rapid App Security CA Advanced Authentication CA API Gateway


FetchSecAuthOTPTask vs GetOTPTask

Why the queries of FetchSecAuthOTPTask is executed while GetOTPTask being called? 


Applicable for all the envs


Usually in secondary authentication flow where OTP authentication is required, first FetchSecAuthOTPTask is invoked to check mainly the status of OTP credential (whether it is locked, deleted or disabled) for the  user. Hence you are finding the queries of FetchSecAuthOTPTask.
In case credential status it ok or not found, then GetOTPTask is invoked to create a new OTP that is sent to user by e-mail or SMS.
This class Fetches the OTP credential during different secondary authentication flows like if computer is public device from Risk point of view and OTP has to be sent by e-mail or SMS. Similarly,  when ArcotID has to be downloaded on public device, then OTP credentials are fetched during this call to sent it via e-mail or SMS. The main purpose of this class is to fetch OTP credentials and check whether it is locked, disabled or deleted. Otherwise, GetOTPTask is invoked to create an OTP.
Creates OTP credential for user mainly during enrollment flow. This call is also invoked in above mentioned scenarios when OTP is not locked or disabled or deleted, in order to create a new OTP.

Additional Information