StepUA is an abbreviation for User Authentication. And they are Orchestrated so that StepUI goes first and if that succeeds then StepUA follows. Here's what that looks like in the GUI:
A Mechanism strings those Plug-ins together as steps and defines how they work together.
All that's left is a way to actually get the credentials from the user. To do that you have to define an Authentication Scheme. An Authentication Scheme has a few settings:
- Name and description
- Authentication Level - a number used to sort the schemes in order of most secure to least secure
- Challenge method - what kind of credentials and how does OAM collect them?
- Authentication Module - which authentication module is used to authenticate the credentials?
- a few other scheme-specific fields