I was doing some additional testing, and I noticed that within the WebFort sample app, the 'Server Verification' under QnA ---> Authentication seems to accomplish exactly what we are trying to do, and it is allowing me to test the QnA flow even for a user who is assigned only 1 QnA. However, when I try to make two separate calls to do the same thing (GetQuestions and VerifyAnswers calls) the calls are failing. In the Webfort logs, I am seeing the following error message for the GetQuestions call when the user is assigned only 1 QnA
INFO TXN_WS 00003148 00243265 - The policy needs more number of questions to ask than the credential has. Setting response code as CONFIGURATION_INVALID
What we are trying to accomplish is effectively the same thing that the 'Server Verification' authentication within WebFort sample app is doing.
Release : 9.x
Component : AuthMinder(Arcot WebFort)
Strong Authentication a.k.a Authminder/Webfort has Soap API calls where you can pass the Policy Name in the additional inputs section. The issue is happening because the Policy used by the customer is not the DEFAULT one and in API call the Policy name is not send in customer request.
Below is a working example from support lab and can be used as a reference how to pass the Policy Name is the Additional inputs section. The tag to pass the Policy name is AR_WF_AUTH_POLICY and it is a name value pair.