Hello, My scenario is to show the user only those 2fa mechanism that he had already enrolled. But I am unable to check if user biometrics are registered or not, using AAC policy. Is there any other way to do it ?

------------------------------
afras khan
------------------------------

This should be possible using a couple of different techniques:
In the source code associated with the blog article Branching Authentication Policy in ISAM Advanced Access Control I used SCIM to perform registration discovery.
More recently than that article, I believe the com.tivoli.am.fim.registrations.MechanismRegistrationHelper class should be able to provide this information in a simpler way. You can use these helpers in either an Infomap authentication mechanism rule or in a branching AAC decision rule.

------------------------------
Shane Weeden
IBM
------------------------------

Original Message:
Sent: Thu October 21, 2021 06:20 AM
From: afras khan
Subject: MMFA fingerprint status of user

Hello, My scenario is to show the user only those 2fa mechanism that he had already enrolled. But I am unable to check if user biometrics are registered or not, using AAC policy. Is there any other way to do it ?

------------------------------
afras khan
------------------------------