Login
    Contents x
    OneSpan Auth Validate Event (Node)
    • 25 Oct 2024
    • 2 Minutes to read
    • Dark
      Light
    Contents

    OneSpan Auth Validate Event (Node)

    • Updated on 25 Oct 2024
    • 2 Minutes to read
    • Dark
      Light
    Article summary

    Availability: OneSpan Authentication for ForgeRock 1.1.0 and later

    This node invokes the Event Validation API (/users/{userID@domain}/events/validate), which validates a non-monetary event against the risk analysis service and the authentication service. It then returns the validation result.

    If risk analysis requires an extra challenge, a multi-factor authentication flow has to be designed to continue along the Step Up outcome path.

    Outcome paths:

    • Accept

    • Decline

    • Step Up

    • Error

    Properties

    OneSpan Auth Validate Event properties

    Property name

    Data type

    Description

    Event Type

    Enum

    Specifies the event type.

    Possible values:

    • SpecifyBelow. Use this value to set a specific event type in the Specify Event Type property.

    • ReadFromSharedState. Use this value to determine the event type at runtime by pre-store the event type in the sharedState object. The name of the key can be specified with the Event Type In SharedState property.

    Default value: SpecifyBelow

    Specify Event Type

    String

    Only required if Event Type is set to SpecifyBelow. Used to specify the event type. For a list of possible event types, see /users/{userID@domain}/events/validate.

    Default value: <empty>

    Event Type In SharedState

    String

    Only required if Event Type is set to ReadFromSharedState. Specifies the key name key in the sharedState object to use as the event validation type.

    Default value: <empty>

    Credentials Type

    Enum

    Only required for OCA use cases.

    Possible values:

    • fidoAuthenticator

    • authenticator

    • passkey

    • none

    Default value: none

    User Name In SharedState

    String

    Specifies the key name in the sharedState object to use as the IAA/OCA user name.

    Default value: username

    Password In TransientState

    String

    Specifies the key name in the transientState object to use as the IAA/OCA user password.

    Default value: password

    Optional Attributes

    Map<String,String>

    Specifies a key/value map to keep additional optional attributes like user email, user phone number, etc. The key represents the key name in the sharedState object. The value represents the key that will be additionally added to the API payload.

    For example, for a key/value pair "emailAddressInSharedState":"emailAddress", the node will look for the emailAddressInSharedState key in the sharedState object and add "emailAddress":"valueInSharedState" to the API payload.

    Default value: <empty>

    Orchestration Delivery

    Enum

    Specifies whether a push notification should be sent, and/or if the orchestration command should be included in the response requestMessage.

    Possible values:

    • pushNotification

    • requestMessage

    • both

    • none

    Default value: both

    Event Validation Timeout

    int

    Specify the event validation timeout in seconds. The priority is as follows:

    1. ForgeRock session expiry

    2. OneSpan Intelligent Adaptive Authentication/OneSpan Cloud Authenticationsession expiry

    3. Event validation expiry

    Make sure the ForgeRock session expiry and the OneSpan Intelligent Adaptive Authentication/OneSpan Cloud Authentication session expiry are not shorter than the value specified here.

    Default value: 60

    Visual Code Message

    Enum

    Specifies which visual code message will be used to render the visual code.

    For more information about using your own customized message format, refer to the Message Options property of the OneSpan Auth Visual Code node (see OneSpan Auth Visual Code properties).

    Possible values:

    • sessionID

    • requestID

    • none

    Default value: sessionID

    Data flow

    OneSpan Auth Validate Event inbound data

    Attribute name

    Source

    Description

    As specified in property

    Configuration, shared state

    The event type.

    As specified in property

    Shared state

    User name

    As specified in property

    Transient state

    Optional. Password

    As specified in property

    Shared state

    Optional. Other attributes.

    ostid_cddc_json

    Shared state

    CDDC JSON

    ostid_cddc_hash

    Shared state

    CDDC hash value

    ostid_cddc_ip

    Shared state

    CDDC client IP address

    ostid_session_id

    Shared state

    Optional. The session ID.

    OneSpan Auth Validate Event outbound data

    Attribute name

    Storage

    Description

    ostid_cronto_msg

    Shared state

    Visual code message

    ostid_session_id

    Shared state

    The session ID

    ostid_request_id

    Shared state

    The request ID

    ostid_irm_response

    Shared state

    The OneSpan Risk Analytics response.

    ostid_command

    Shared state

    The command

    ostid_event_expiry_date

    Shared state

    The event expiration date.

    OneSpan Auth Validate Event outbound data (Error case)

    Attribute name

    Storage

    Description

    ostid_error_message

    Shared state

    The error message

    API references

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, our interactive help assistant