Luware Knowledge

Nimbus Portal Nimbus Admin Release Notes Service Status
Home Nimbus Use Cases Power Automate Use Cases

Use Case - Implement 2-Factor Authentication by Verifying a Phone Number with SMS Token

Two-factor authentication (2FA) is a security process in which users provide two different authentication factors to verify themselves. Two-factor authentication provides a higher level of security than authentication methods that depend on single-factor authentication, in which the user provides only one factor, typically a password or passcode. Two-factor authentication methods rely on a user providing a password, as well as a second factor, in this case a PIN code delivered via SMS.

PRECONDITIONS

In this use case, we assume that you've already created a Nimbus service. 

Enterprise Routing Your service needs to have a Enterprise Routing service license assigned to be able to use the advanced Nimbus Features such as Parameters and the Nimbus Power Automate Connector.

Additionally, ensure to read and follow the Nimbus Power Automate Connector preconditions, as this Use Case will make use of Nimbus Trigger Events  and Flow Actions.

 

Create an Azure Communication Services Instance for Sending SMS

  1. Create an Azure Communication Services resource as described here.
  2. Under SMS concepts in Azure Communication Services - An Azure Communication Services concept document | Microsoft Learn you can read about supported sender types. With the help of the information on that page, decide on which sender type you would like to use. Once decided, enable the selected sender type to be able to start sending SMS messages.

Create Parameters

In Nimbus, create the following parameters:

Name
ID
Default Value
CustomerIdentifier CustomerIdentifier NULL
CustomerRecognized CustomerRecognized NULL
PIN PIN NULL
SMSSent SMSSent NULL
StartValidation StartValidation NULL
ValidationCheck ValidationCheck NULL

Create the Workflow

Overview of the workflow…

 
 
Description
Screenshot

After accepting the call, start with an Input Customer to check if an existing or a new customer is calling, as 2-Factor Authentication will be performed for existing customers only. If the call is coming from a new customer or the validation of an existing customer fails, the call will be transferred to another Nimbus service.

 
Next, we ask existing customers to provide the 6-digit customer identifier. The entered number will be saved into the CustomerIdentifier parameter. Saving the entered identifier to the CustomerIdentifier parameter will trigger a Power Automate Flow (Flow 1), that will verify if the provided identifier is correct.
Next we are waiting for the Power Automate flow triggered by the previous step to update the CustomerRecognized parameter.
After the CustomerRecognized parameter was updated, we check it's value. In case the customer provided a valid customer identifier, the Power Automate flow will set the value of the parameter to Yes.
Next we save something to the StartValidation parameter. The value you save in this parameter can be anything as the purpose of this step is only to trigger the Power Automate flow (Flow 2), that will send out the SMS to the customer's registered mobile phone.
After triggering the Power Automate flow sending the SMS, we wait for the flow to set the SMSSent parameter.
After the SMS was sent out, we ask the customer to enter the received four digit PIN. The PIN the customer entered will be stored in the PIN parameter. Saving the entered PIN to the PIN parameter will trigger the third Power Automate Flow (Flow 3), that will verify if the the PIN sent via SMS and the PIN entered by the customer are the same.
Next we are waiting for the Power Automate flow triggered by the previous step to update the ValidationCheck parameter.

After the ValidationCheck parameter was updated, we check it's value. In case the PIN entered by the customer was the same as the PIN sent to the mobile phone, the Power Automate flow will set the value of the parameter to OK.

 
If the validation was successful, we inform the customer about the successful validation and we send the call to the queue to distribute it to an available agent.

Create the Power Automate Flows

Flow 1: Flow verifying the Customer Identifier

Once the workflow saves the customer identifier provided by the customer into the CustomerIdentifier parameter, we trigger the Power Automate flow checking if the provided customer identifier is valid.

Overview of the Power Automate flow

 
 
  1. Visit the Flow landing page: https://make.powerautomate.com/ 
  2. Head to "My Flows"
  3. Click on "+ New Flow" and create a blank "Automated Cloud Flow"
  4. Give your new flow a speaking name, e.g. "Check Customer Identifier"
  5. In the text box underneath, search for “Nimbus” and choose the "When a task changes state" trigger
  6. Click the "Create" button.

  1. Configure the trigger as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
Service Item Select the UPN  of the service
Task Events Select Parameter Updated
Trigger conditions

On the Settings page of the trigger add the following trigger condition to make sure the flow only gets triggered when CustomerIdentifier parameter is updated:

 

@equals(triggerBody()?['updatedParameterName'],'CustomerIdentifier')

Next you need to add a step that checks if the customer provided a valid customer identifier. The exact action to use at this point depends on the system storing your customers' data. If the system either has a Power Automate connector or provides APIs to retrieve data, then you can retrieve the necessary information via Power Automate. In this Use Case the data will be retrieved from a simple SharePoint list.

  1. Add a SharePoint "Get Itemsaction to your flow.
  2. Configure the action as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
Site Address Either select the SharePoint site containing the SharePoint list from the dropdown box or manually enter the site URL
List Name Select the SharePoint List containing customer data
Filter query

Enter a filter query to check if the customer identifier provided by the customer is in the list.

In this example the customer identifiers are stored in the Number column, therefore the filter looks as follows:

Number eq 'UpdatedParameterValue'

Use the dynamic content 🌟 Updated Parameter Value

☝ Note that the dynamic Id needs to be put in single quotation marks e.g. 'UpdatedParameterValue' or the formula will throw an expression error.
All other fields <leave empty, as is>

Next with a condition we need to check, how many results were returned in the previous step.

  1. Add a Control "Conditionaction to your flow.
  2. Configure the action as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
Condition expression
  1. length(outputs('Get_items')?['body/value'])
  2. is equal to
  3. 1

☝ To continue with the validation, there needs to be an exact match. So if either 0 or more than 1 results are returned by the previous step, then the 2-Factor Authentication process will fail.

In the False branch

  1. Add a Luware Nimbus "Update taskaction to your flow.
  2. Configure the action as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
Task ID 🌟 Task ID
Custom Context Parameters

Click on and add

[
    {
        "name": "CustomerRecognized",
        "value": "No"
    }
]
All other fields <leave empty, as is>

In the False branch

  1. Add a Luware Nimbus "Update taskaction to your flow.
  2. Configure the action as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
Task ID 🌟 Task ID
Custom Context Parameters

Click on and add

[
  {
    "name": "CustomerRecognized",
    "value": "Yes"
  },
  {
    "name": "SMSNumber",
    "value": @{items('For_each')?['SMSNumber']}
  }
]

 

@{items('For_each')?['SMSNumber'] in the above expression is referring to the E.164 formatted mobile phone number of the customer that is stored in the SMSNumber column of the SharePoint list. With this step we are storing the mobile number the SMS should be sent to in the SMSNumber Nimbus parameter. This is needed to make sure our next Power Automate flow knows where to send the SMS to. In case you retrieve the phone number from a different system via a different action, the above expression needs to be adjusted.
All other fields <leave empty, as is>

Flow 2: Flow sending the SMS message

Once the Nimbus workflow saves something into the StartValidation parameter, it will trigger the Power Automate flow sending the SMS message to the customer's registered mobile number.

Overview of the Power Automate flow

 
 
  1. Visit the Flow landing page: https://make.powerautomate.com/ 
  2. Head to "My Flows"
  3. Click on "+ New Flow" and create a blank "Automated Cloud Flow"
  4. Give your new flow a speaking name, e.g. "Send SMS"
  5. In the text box underneath, search for “Nimbus” and choose the "When a task changes state" trigger
  6. Click the "Create" button.
     
  7. Configure the trigger as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
Service Item Select the UPN  of the service
Task Events Select Parameter Updated
Trigger conditions

On the Settings page of the trigger add the following trigger condition to make sure the flow only gets triggered when SMSPhoneNumber parameter is updated:

 

@equals(triggerBody()?['updatedParameterName'],'StartValidation')

Next we will generate a 4-digit PIN and store it in a variable.

  1. Add a Variable "Initialize variableaction to your flow.
  2. Configure the action as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
Name PIN
Type Integer
Value

Enter the following expression to generate a 4-digit random number:

rand(1000,9999)

Next we will retrieve the customer' E.164 formatted mobile number, which was stored by the previous Power Automate flow into the SMSNumber Custom Context Parameter.

  1. Add a Data Operation "Filter arrayaction to your flow.
  2. Configure the action as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
From 🌟Task Information Custom Context Parameters
Filter Query
  1. item()?['Name']
  2. is equal to
  3. SMSNumber

Next we will send out the 4-digit PIN to the registered mobile number of the caller via SMS.

  1. Add a Azure Communication Services SMS "Send SMSaction to your flow (If you do not have a connection created yet, Power Automate will ask you to create one by providing the name and the connection string of your ACS instance).
  2. Configure the action as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
From Phone Number Select a phone number from the dropdown box or manually enter the sender in case you would like to use another method – like Short Code, Dynamic Alphanumeric Sender ID, Preregistered Alphanumeric Sender ID, etc. – to send the SMS.
Recipients

Click on and add

[
  {
    "to": @{body('Filter_array')?[0]['Value']}
  }
]
Message Your PIN code is: @{variables('PIN')}
DeliveryReport No

Finally we need to tell Nimbus that the SMS was sent and we will also save the generated PIN in the GeneratedPIN Custom Context Parameter.

  1. Add a Luware Nimbus "Update taskaction to your flow.
  2. Configure the action as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
Task ID 🌟 Task ID
Custom Context Parameters

Click on and add

[
  {
    "name": "SMSSent",
    "value": "Yes"
  },
  {
    "name": "GeneratedPIN",
    "value": @{variables('PIN')}
  }
]
All other fields <leave empty, as is>

Flow 3: Flow verifying the PIN entered

Once the customer enters the PIN received via SMS, we need to verify if the generated PIN and the PIN entered by the customer are matching.

Overview of the Power Automate flow

 
 
  1. Visit the Flow landing page: https://make.powerautomate.com/ 
  2. Head to "My Flows"
  3. Click on "+ New Flow" and create a blank "Automated Cloud Flow"
  4. Give your new flow a speaking name, e.g. "Verify PIN"
  5. In the text box underneath, search for “Nimbus” and choose the "When a task changes state" trigger
  6. Click the "Create" button.
     

  1. Configure the trigger as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
Service Item Select the UPN  of the service
Task Events Select Parameter Updated
Trigger conditions

On the Settings page of the trigger add the following trigger condition to make sure the flow only gets triggered when PIN parameter is updated:

 

@equals(triggerBody()?['updatedParameterName'],'PIN')

Next we will retrieve the generated PIN, which was stored by the previous Power Automate flow into the GeneratedPIN Custom Context Parameter.

  1. Add a Data Operation "Filter arrayaction to your flow.
  2. Configure the action as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
From 🌟Task Information Custom Context Parameters
Filter Query
  1. item()?['Name']
  2. is equal to
  3. GeneratedPIN

Next with a condition we need to check, if the generated PIN and the PIN provided by the customer match.

  1. Add a Control "Conditionaction to your flow.
  2. Configure the action as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
Condition expression
  1. 🌟Updated Parameter Value
  2. is equal to
  3. @{body('Filter_array')?[0]['Value']}

 

In the True branch

  1. Add a Luware Nimbus "Update taskaction to your flow.
  2. Configure the action as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
Task ID 🌟 Task ID
Custom Context Parameters

Click on and add

[
  {
    "name": "ValidationCheck",
    "value": "OK"
  }
]
All other fields <leave empty, as is>

In the False branch

  1. Add a Luware Nimbus "Update taskaction to your flow.
  2. Configure the action as follows:
Field Fill in / 🌟 = Nimbus dynamic content 
Task ID 🌟 Task ID
Custom Context Parameters

Click on and add

[
  {
    "name": "ValidationCheck",
    "value": "Failed"
  }
]
All other fields <leave empty, as is>
Use Case - Adding External Address Books via Power Automate

It is possible to add an external address book to Nimbus with the use of the Nimb...

Table of Contents