OTP Access with Environment Variables

Business Background

OTP (One-Time Password) access is a security mechanism that generates a unique, temporary password or code for a single login session or transaction. It is often used as an additional layer of authentication to enhance security, commonly in multi-factor authentication (MFA) systems. OTPs are valid for only a short period and can only be used once, making it difficult for attackers to reuse stolen credentials.

Exporting projects with shared OTP Access can now be done seamlessly.

Titan Solution

With Titan, you can configure custom OTP access as a crucial security layer that helps safeguard sensitive information and transactions from unauthorized access and cyber threats.

How to Video

Coming soon!

How to Guide

In this article, you will learn how to do the following:

• Configure Environment Variables for OTP Access
• Map the Environment Variables in the Web Projects
• Configure the Apex Salesforce Integrations
• Configure the OTP Access
  • Configure a session that is not shared
  • Configure a shared session
• Configure the Smart OTP Form Widget
  • Configure the Access Control node – Login action
  • Configure the Access Control node – Verify action
  • Configure the Access Control node – Logout action

This article uses the parent Titan Web project as an example. You must configure the same way for each child project.

Configure Environment Variables for OTP Access

1. On the Titan Dashboard, open the Settings tab and click the Environment Variables option.
2. Click the Add Variable option. A line is added to the screen.
3. Type the name of the variable in the field (1).
4. Use the drop-down list to select the Project (2) option.
5. Click the Choose Project (3) button.

5. Use the Search field to search for a project.

6. Alternatively, click on a Titan product in the list on the left to view only the projects associated with that product, for instance, Web. You can use the Search option to search for a specific product.

7. Click the checkbox if the variable is Public (4).
8. Click the Save button.
9. Click the Yes button if you are sure that you want to save the variable.

For this example, the following environment variables were added:

Map the Environment Variables in the Web Projects

1. Open the parent (master) project.
2. Open the Project settings and click the Tools option.
3. Click the Gear icon next to Custom Variables.

4. Click the Conditions option.
5. Click the Kebab icon and click the Edit option.

6. Type “otp” in the field. The following variables are shown:

• OTP IsLoggedIn: Use this variable for any condition or other criteria in Salesforce.
  • For instance, the variable is linked to the client who uses the OTP and everything they do from Titan in Salesforce during that session is done in the context of that specific Salesforce user (otherwise, all Salesforce actions are done in the context of the Integration User).
  • For instance, this can be used when mapping run criteria to ensure that a Salesforce Push only happens when the client is still logged in and the session is still valid.

• OTP Time Until Session Ends: The default time is two hours, but it can be changed.

7. Click the Next button. and
8. Add a tag if necessary and click the Save button.
9. Click the Apply button on the Custom Variables screen.

Configure the Apex Salesforce Integrations

1. Click the Salesforce option. The Salesforce Integration screen opens.

2. Click the Create New button to configure a new Salesforce Get integration.

3. Use the Object in Salesforce drop-down list to select “Your APEX”.
4. Type a description. This makes it easier to select the Apex later on.
5. Add the Apex name in the Class Name field.
6. Use the Trigger to execute pull drop-down list to select “User action”.

7. Click the Parameters option and type the parameter/s in the relevant field. These are the parameters passed to the Apex.

8. Click the Mapping option, and use the drop-down list/s to select the relevant option/s. These are the parameters passed from the Apex.

9. Click the Apply button.
10. Repeat these steps for the necessary Apex integrations.
11. Click the Close button.

Configure the OTP Access

1. Under User Access, ensure the OTP Access toggle switch is on.
2. Click the Gear icon to open the Configure OTP screen.

Configure a session that is not shared

1. Do not toggle the Use shared session switch.
2. Use the drop-down lists to select the following:
   • Initial Action: This Apex will trigger and get the parameters when a client enters information on the form.
     • This information can be a last name, email and phone number, or any other information that you use to identify the user.
     • Titan passes these parameters as well as the method (for instance, SMS or email) that you chose to send the OTP to the Apex.
   • Send Action: This Apex is triggered if a login happens and the client is identified in the first step.
     • The client is shown the OTP verification screen where they can enter the one-time pin.
   • Verify Action: This Apex is used to verify the code that the client entered.
     • Titan sends the code to the Apex and the Apex validates whether the code is correct or not.
     • The client is logged in and Salesforce gives Titan the session for the client.
     • The session key is held by a Titan variable.
     • The session time can be set for when the client will be logged out.

3. Click the Next button.
4. Use the toggle switches to enable the following:

• Override Salesforce session: The OTP becomes the primary method of authorization, bypassing the previously issued Salesforce token.
• Allow share session: Use the drop-down list to select the projects with which you want to share the session.
  • In this instance, the applicable environment variables are selected.

• Session Duration (minutes): Type a number in the field.
  • The session duration can range from 5 to 720 minutes.
  • When the toggle switch is off, the duration is 2 hours (120 minutes).

Configure a shared session

You can configure a shared session from a child project to a parent project.

1. On the child project, toggle the Use shared session switch.
2. Use the Shared session source drop-down list to select the project with which the session is shared.
   • In this instance, the parent project is selected.
3. Use the Parameters drop-down lists to select the template ID and the record ID, if necessary.
4. Click the Next button.

5. Click the Gear icon to configure the following:
   • Init Parameters
   • Login Parameters
   • Verify Parameters

6. Set the parameters:
   • Static: Type a parameter name in the field.
   • Field: Use the drop-down list to select an option.
7. Click the Apply button.

8. Click the Apply button.

The OTP verification is done on the parent project and passed to the child project.

Configure the Smart OTP Form Widget

1. Click the + icon to open the list of elements.
2. Select the Widget option from the list.
3. Drag-and-drop the SmartV form to the canvas.

4. Click the Gear icon and configure the SmartV OTP settings options as necessary.
5. To configure the user access on a custom button, click the Hide button checkbox. The widget’s button will be hidden.
   • You can configure the following user access options on a custom button:
     • Login
     • Verify
     • Logout

6. Under Interactivity, click the Clear warning on re-enter checkbox to clear the warning that is shown when the incorrect OTP values are entered. The incorrect values are also cleared when the client starts to enter new values.

Configure the Access Control node – Login action

You can configure the action on a custom button to run the Initial and Login Apexes and redirect the client to the Smart OTP form widget.

1. On a button element, click the On Click Action icon. The On Click Action screen opens.

2. Next to the Start node, click the + icon. The Add Node screen opens.

3. Under System Actions, click the User Action option and then click the Next button.

4. Use the drop-down list and select the OTP Login user access parameters.
5. Click the Next button.

6. If necessary, change the tag and click the Insert button. The User Access node is added.

7. Use the following options to add any actions on the User Access node as relevant:
   • During Run
   • On Fail Init
   • On Success
   • On Fail Login
   • On Success Login
   • On Fail Verify
   • On Success Verify
8. Click the Apply button.

Configure the Access Control node – Custom Verify action

You can configure a verify action on a custom button to run the Verify Apex.

1. On a button element, click the On Click Action icon.

2. Next to the Start node, click the + icon.

3. Under System Actions, click the User Action option and then click the Next button.

4. Use the drop-down list and select the OTP Verify user access parameters.
5. Click the Next button.

6. If necessary, change the tag and click the Insert button. The User Access node is added.

7. Use the following options to add any actions on the User Access node as relevant:
   • During Run
   • On Fail
   • On Success
8. Click the Apply button.

Configure the Access Control node – Logout action

You can configure the action on a button to log out the client. The session ends when the client logs out.

1. On a button element, click the On Click Action icon.

2. Next to the Start node, click the + icon.

3. Under System Actions, click the User Action option and then click the Next button.

4. Use the drop-down list and select the OTP Logout user access parameters.
5. Click the Next button.

6. If necessary, change the tag and click the Insert button. The User Access node is added.

7. Use the following option to add any actions on the User Access node as relevant:
   • During Run
8. Click the Apply button.

---

Learn more about Titan’s native integration with the Salesforce Experience Cloud.

Create custom Salesforce forms, collect data, and automate processes with our drag-and-drop form builder.

Easily design, deploy, and measure custom web applications directly from Salesforce using Titan’s drag-and-drop web page builder.