Checklist ref
2AU.00.26
Area
2AU. Redirect to Web with OTP
Wireframe ref
26
Type
Common Standard
Requirement level
MUST
Participant
Data Holder
Statement
Where Redirect to App is unable to be used for the purposes of CDR authentication, and Decoupled Authentication is not supported, data holders MUST continue to support the 'Redirect to Web with OTP' flow in accordance with the relevant consumer experience authentication and security profile standards.
Reference
Authentication Schedule Standard, Fallback Authentication Flows
Example
Authenticate: Redirect to Web with One Time Password
Version introduced
1.35.0
Date introduced
22 September 2025
Date modified
Status
Active