Activation
  • 23 Oct 2024
  • 2 Minutes to read
  • Dark
    Light

Activation

  • Dark
    Light

Article summary

With the activation feature of the Orchestration SDK you can provision authenticator instances to the Customer Mobile Application by securely exchanging activation data with OneSpan Trusted Identity platform. The activation process is initiated on the Customer Website, and then continued and completed using the Customer Mobile Application. Four network requests are required between the Customer Mobile Application and the Customer Application Server to complete the activation process.

The activation process will provision two authenticator instances in the Customer Mobile Application. For security reasons, each authenticator instance will be linked to a given authentication method: one instance for the password authentication method and another for the other authentication methods (No password and biometric recognition).

For more details concerning the authentication methods, see Authentication methods.

Activation workflow

Activation workflow

Activation workflow of OneSpan Orchestration SDK

  1. The user initializes an activation session via the Customer Website, by providing their user identifier and static password.

  2. The Customer Website transmits the user identifier and the static password to the Customer Application Server.

  3. The Customer Application Server calls the https://{tenant}.{environment}.tid.onespan.cloud/v1/users/register endpoint from the OneSpan Trusted Identity platform API by providing their user identifier and the static password. In case of success, the web service returns the activation password.

  4. The Customer Application Server notifies the Customer Website that registration has been completed.

  5. The Customer Application Server transmits the activation password to the user via a channel other than the network (e.g. by sending an SMS message or an e-mail). The activation password remains valid for 10 minutes.

  6. The user enters their user identifier and the activation password in the Customer Mobile Application to start the activation process.

  7. The Customer Mobile Application calls the startActivation method of the Orchestration SDK to start the activation process.

  8. The Orchestration SDK displays a virtual keypad or calls the password user authentication flow, where the user can define their password, and confirm it.

  9. The Orchestration SDK builds the first orchestration command required for the activation process and transmits it to the Customer Mobile Application using the onActivationStepComplete method.

  10. The Customer Mobile Application transmits the orchestration command to the Customer Application Server.

  11. The Customer Application Server calls the orchestration-commands Web service of the OneSpan Trusted Identity platform by providing the orchestration command. A new orchestration command is returned as a result.

  12. The Customer Application Server transmits the orchestration command to the Customer Mobile Application as a response to the previous request.

  13. The Customer Mobile Application calls the execute method of the Orchestration SDK to continue the activation process.

  14. A second activation step repeats steps 9 to 13.

  15. A third activation step repeats steps 9 to 13.

  16. A fourth activation step repeats steps 9 to 13.

  17. The Orchestration SDK finalises the activation process and transmits the status to the Customer Mobile Application using the onActivationSuccess method.

  18. The Customer Mobile Application notifies the user that the activation has been successfully completed.

Notification registration is required to finalize activation.

After a successful activation process, the Customer Mobile Application can use the other features of the Orchestration SDK (e.g. authentication, notification registration etc.).

See Activation for more information how to integrate this feature.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant