Overview[1]#
Authentication Method Reference Values (amr_values) is defined in RFC 8176 and creates a Authentication Method Reference Values Registry IANA Registry Authentication Method Reference Values
.
The "amr" (Authentication Method Reference) claim is defined and registered in the IANA "JSON Web Token Claims" registry IANA.JWT.Claims, but no standard Authentication Method Reference Values are currently defined. RFC 8176 specification establishes a registry for Authentication Method Reference values and defines an initial set of Authentication Method Reference Values.
The following is a list of Authentication Method Reference Values defined by the Authentication Method Reference Values specification:
| Value | Description |
|---|---|
| face | Facial recognition |
| fpt | Fingerprint recognition Biometric Authentication |
| geo | Geolocation |
| hwk | Proof-of-Possession (PoP) of a hardware-secured key. See Appendix C of RFC 4211 for a discussion on PoP. |
| iris | Iris recognition |
| kba | Knowledge-based authentication NIST.SP.800-63 |
| mca | Multiple-channel Authentication. The authentication involves communication over more than one distinct channel. |
| mfa | Multi-Factor Authentication NIST.SP.800-63. When this is present, specific Authentication Methods used may also be included. |
| otp | One-Time password. One-Time password specifications that this Authentication Method applies to include RFC 4226 and RFC 6238. |
| pin | Personal Identification Number or pattern (not restricted to containing only numbers) that a user enters to unlock a key on the device. This mechanism SHOULD have a way to deter an attacker from obtaining the PIN by trying repeated guesses. |
| pwd | Password-based Authentication |
| rba | Risk-Based Authentication JECM |
| retina | Retinal scan Biometric Authentication |
| sc | Smart Card |
| sms | Confirmation using SMS message to the user at a registered number |
| swk | Proof-of-Possession (PoP) of a Software-secured key. See Appendix C of RFC 4211 for a discussion on PoP. |
| tel | Confirmation by telephone call to the user at a registered number |
| user | User presence test |
| vbm | Voice recognition by Biometric Authentication |
| wia | Windows Integrated Authentication, as described in MSDN |
Where Used#
Authentication Method Reference Values SHOULD be used for all of the following:More Information#
There might be more information for this subject on one of the following:- Amr
- Amr_values
- Authentication Context Class vs Authentication Method Reference
- Authentication Factor
- Authentication Method
- Authentication Method Reference
- Authentication Method Reference Values
- Fpt
- Geo
- Hwk
- KBA
- Non-interactive
- RFC 8176
- Swk
- Tel
- Vbm
- [#1] - Authentication Method Reference Values draft-jones-oauth-amr-values-03 - based on information obtained 2013-04-10
Please see our Copyright And Intellectual Property Page and Standard Disclaimer Pages!