- 17 Feb 2025
Authenticator Activation
- Updated on 17 Feb 2025
Activate an authenticator
The authenticator activation consists of activating the authenticator license and the authenticator account (i.e., an instance of the authenticator).
License activation:
Activation Message 1 is generated on the server with Authentication Server Framework from the authenticator activation BLOB. This message is identical for every license activation. Activation Message 1 contains the following information:
- the license serial number of the authenticator
- the license key of the authenticator
- (OPTIONAL) the license parameter settings of the authenticator
The parameter settings used by the Mobile Authenticator Studio app to activate the authenticator are the static vector set in the Mobile Authenticator Studio configuration file.
As a result of the license activation, Mobile Authenticator Studio generates a device code which contains the device ID. This ID is a concatenation of information about the device type and device-unique data. Both are signed with the license key.
The device code must be provided to Authentication Server Framework so that the server side can generate an authenticator account for the device for which the license has been activated. Mobile Authenticator Studio can send the device code directly to a server or, alternatively, display it to the user, who is then responsible for submitting this code to the server manually.
Account activation:
Activation Message 2, generated by Authentication Server Framework, is provided to Mobile Authenticator Studio. This message contains the following information used by Mobile Authenticator Studio:
- license serial number of the authenticator
- account sequence number of the authenticator
- secret key of the authenticator
As a result of the authenticator account activation, Mobile Authenticator Studio generates a MAC signature with the account key of the authenticator. The MAC signature must be provided to Authentication Server Framework so that the server side can confirm the correct activation of the authenticator account.
If the activation process is interrupted before the account of the authenticator is activated (after the scan of Activation Message 2 or after the PIN validation), the information on the license is not stored. The dynamic vector associated with the license is destroyed.
In the multi-device licensing mode, an account of the authenticator cannot be reactivated. Authentication Server Framework only generates Activation Message 2 once. If an authenticator license cannot be used anymore, it must be replaced by a new one. The number of accounts for each authenticator serial number is limited to 99.
To confirm the authenticator activation to the server in the post-activation process, a Secure Channel app must be defined in the Mobile Authenticator Studio Parameter Sheet.
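The two-step exchange described above, as an added conceptual model that is not code from the product or its SDK. It assumes HMAC-SHA256 as a stand-in for the product's signing and MAC algorithms, treats the secret key from Activation Message 2 as the MAC key, and assumes the MAC covers the serial and sequence number; every class, function and field name is hypothetical.

```python
import hashlib
import hmac
import os

MAX_ACCOUNTS = 99  # per-serial account limit stated on the page


def tag(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts (assumed stand-in algorithm)."""
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()


class Server:
    """Toy model of the server side; not the Authentication Server Framework API."""

    def __init__(self, serial: bytes, license_key: bytes):
        self.serial, self.license_key = serial, license_key
        self.accounts = {}  # sequence number -> {"key": bytes, "active": bool}

    def message1(self):
        return self.serial, self.license_key  # identical for every activation

    def message2(self, device_id: bytes, device_sig: bytes):
        # Accept the device code only if it was signed with the license key.
        if not hmac.compare_digest(device_sig, tag(self.license_key, device_id)):
            raise ValueError("device code signature mismatch")
        if len(self.accounts) >= MAX_ACCOUNTS:
            raise RuntimeError("account limit reached for this serial")
        seq, key = len(self.accounts) + 1, os.urandom(32)
        self.accounts[seq] = {"key": key, "active": False}
        return self.serial, seq, key  # issued once per account

    def confirm(self, seq: int, mac: bytes) -> bool:
        acct = self.accounts[seq]
        expected = tag(acct["key"], self.serial, seq.to_bytes(1, "big"))
        if acct["active"] or not hmac.compare_digest(mac, expected):
            return False  # wrong MAC, or account already activated
        acct["active"] = True
        return True


def device_code(license_key: bytes, device_type: bytes, unique: bytes):
    device_id = device_type + unique  # concatenation, as described above
    return device_id, tag(license_key, device_id)


def activation_mac(serial: bytes, seq: int, secret_key: bytes) -> bytes:
    return tag(secret_key, serial, seq.to_bytes(1, "big"))
```

In this model an account stays inactive until `confirm` receives the correct MAC, and a second confirmation for the same sequence number is refused, which mirrors the rule that an account cannot be reactivated.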