Genesys Cloud - Developer Community!

Hi Nikhil,

Just to clarify, are you referring to a Digital Bot based MFA/password reset process for end users/customers rather than MFA related to logging into Genesys itself?

If so, a common Digital Bot approach would usually be (I haven't implemented the below yet):

1. User starts the password/MFA reset conversation in the Digital Bot

2. Bot collects verification details (ID, username, DOB, etc.)

3. Bot calls backend APIs/Data Actions for identity validation

4. You could also generate a random verification/OTP code through an API/Data Action, send it externally to the user (SMS/email), and ask the user to enter the same code back into the bot for additional verification

5. If verification succeeds, trigger the MFA/password reset workflow through your identity platform (Okta, Azure AD, etc.)

6. Return success/failure/escalation response back to the user.

We are currently also looking into using AVA for the identity verification portion (for example validating name, ID, DOB, etc.). 

Hope this helps.

Thank you Phaneendra for your help.

Actually i building both Digital bot and also AVA.

5.I am thinking once i collect user id.

6.I can pass this id to backend API than return i can get successful or fail.

Can you know which integration i need to use to push MFA notification ?

Hi Nikhil,

Just to clarify, are you referring to a Digital Bot based MFA/password reset process for end users/customers rather than MFA related to logging into Genesys itself?

If so, a common Digital Bot approach would usually be (I haven't implemented the below yet):

1. User starts the password/MFA reset conversation in the Digital Bot

2. Bot collects verification details (ID, username, DOB, etc.)

3. Bot calls backend APIs/Data Actions for identity validation

4. You could also generate a random verification/OTP code through an API/Data Action, send it externally to the user (SMS/email), and ask the user to enter the same code back into the bot for additional verification

5. If verification succeeds, trigger the MFA/password reset workflow through your identity platform (Okta, Azure AD, etc.)

6. Return success/failure/escalation response back to the user.

We are currently also looking into using AVA for the identity verification portion (for example validating name, ID, DOB, etc.). 

Hope this helps.

One question/thought as well if this is specifically for MFA reset scenarios where the user no longer has access to their MFA method/device, would the flow still send an MFA notification/challenge?

I was thinking in those cases the Digital Bot/AVA flow may instead need to focus more on identity verification (ID, DOB, alternate contact method, etc.) before triggering the MFA reset/re-registration workflow itself.

Thank you Phaneendra for your help.

Actually i building both Digital bot and also AVA.

5.I am thinking once i collect user id.

6.I can pass this id to backend API than return i can get successful or fail.

Can you know which integration i need to use to push MFA notification ?

Hi Nikhil,

Just to clarify, are you referring to a Digital Bot based MFA/password reset process for end users/customers rather than MFA related to logging into Genesys itself?

If so, a common Digital Bot approach would usually be (I haven't implemented the below yet):

1. User starts the password/MFA reset conversation in the Digital Bot

2. Bot collects verification details (ID, username, DOB, etc.)

3. Bot calls backend APIs/Data Actions for identity validation

4. You could also generate a random verification/OTP code through an API/Data Action, send it externally to the user (SMS/email), and ask the user to enter the same code back into the bot for additional verification

5. If verification succeeds, trigger the MFA/password reset workflow through your identity platform (Okta, Azure AD, etc.)

6. Return success/failure/escalation response back to the user.

We are currently also looking into using AVA for the identity verification portion (for example validating name, ID, DOB, etc.). 

Hope this helps.