Step 4: post-activation
  • 23 Oct 2024
  • 4 Minutes to read
  • Dark
    Light
  • PDF

Step 4: post-activation

  • Dark
    Light
  • PDF

Article summary

  1. ...

  2.  <PostActivationcryptoAppIndex="1"

  3.    <OnlinePostActivation .../>

  4.    <!-- OR -->

  5.    <!--<OfflinePostActivation .../>-->

  6. View title="First OTP">

  7.      <Fields>

  8. <Field id="Challenge"name="Challenge"comment="Enter the challenge." />

  9.      </Fields>

  10.      <Labels>

  11. <Label id="ClipboardCopyHostCode"value="Server response   copied to clipboard" />

  12. <Label id="ClipboardCopyResponse"value="Derivation code copied to clipboard" />

  13. <Label id="OnlineServerActivationWaitMessage"value="Activation confirmation, please wait..." />

  14. <Label id="ResultHostCode"value="Server  response:" />

  15. <Label id="ResultResponse"value="Your derivation code   is:" />

  16. <Label id="SerialNumber"value="Serial number:" />

  17. <Label id  ="BiometricFingerprintRecognitionDescriptionMessage"value="Please authenticate using fingerprint recognition to   protect your DIGIPASS" />

  18. <Label id  ="BiometricFaceRecognitionDescriptionMessage"value="Please authenticate using face recognition to  protect your DIGIPASS" />

  19.      </Labels/>

  20.      <Dynamics>

  21. <Dynamic id="ResultHostCode"class="generated" />

  22. <Dynamic id="ResultResponse"class="generated" />

  23. <Dynamic id="SerialNumber"class="text" />

  24.      </Dynamics>

  25.      <Errors>

  26. <Error id="ChallengeEmpty"value="The activation   response does not include a challenge." />

  27. <Error id="ChallengeTooShort"value="The minimal length   for the challenge is %_MinLength_%." />

  28. <Error id="ChallengeTooLong"value="The maximal length   for the challenge is %_MaxLength_%." />

  29. <Error id  ="BiometricFingerprintRecognitionAuthenticationFailed"value="Biometric authentication failed." />

  30. <Error id  ="BiometricFaceRecognitionAuthenticationFailed"value="Biometric authentication failed." />

  31.      </Errors>

  32.    </View>

  33.  </PostActivation>

Functional customization

  • MultiDeviceActivation > PostActivation: This element is used to configure the post-activation functionality. Post-activation is mandatory when the Two-Step Activation feature is used.

    • cryptoAppIndex: Defines the index of the cryptographic application used to generate the response. This attribute is mandatory.

Post-activation mode

Post-activation can be done either in an online or in an offline process. Only one mode must be used.

Online post-activation

  1. <PostActivationcryptoAppIndex="1">

  2.  <OnlinePostActivationdestroyOnFailure="false"displayMessageOnSuccess="false">

  3.    <URLmethod="GET"value="http://MY_DOMAIN_NAME/..." />

  4.  </OnlinePostActivation>

  5.  ...

  6.  ...

  7. </PostActivation>

  • MultiDeviceActivation > PostActivation > OnlinePostActivation

    • destroyOnFailure: Indicates whether Mobile Authenticator Studio must be destroyed if post-activation fails. The default value is false.

    • displayMessageOnSuccess: Used to specify if the server message must be displayed for a successful post-activation process. The default value is false.

  • MultiDeviceActivation > PostActivation > OnlinePostActivation > URL: This element must be used to define the URL from which to retrieve the activation data.

Masks for online post-activation URL lists the masks for the online post-activation URL.

Masks for online post-activation URL

Mask

Value

Advanced provisioning protocol required?

Standard provisioning protocol required?

%_RegistrationIdentifier_%

This is the identifier which will be used by the server to identify the user. This mask is mandatory.

Yes

Yes

%_OTP_%

This is the generated OTP if the value attribute of the URL element contains the %_OTP_% mask.

Yes

Yes

%_Challenge_%

This is the used challenge if the application used to generate the response is in Challenge/Response mode. This mask is optional.

Yes

Yes

%_Version_%

This is the Mobile Authenticator Studio version. This mask is optional.

Yes

Yes

%_SerialNumber_%

This is the serial number. This mask is optional.

Yes

Yes

%_UserIdentifier_%

This is the user identifier. This mask is optional.

Yes

Yes

%_InitialVector_%

This is the initial vector.

Yes

No

%_Nonce_%

This is the server nonce used with the advanced provisioning protocol.

Yes

No

%_DeviceIdentifier_%

This is the unique identifier of the device (hexadecimal, 64 characters). This mask is optional.

Yes

Yes

%_RootingStatus_%

This is the status indicating if the device is rooted. Possible values are true or false.

Yes

Yes

Offline post-activation

  1. <PostActivationcryptoAppIndex="1">

  2.  <OfflinePostActivation displaySerialNumber="false"responsePattern="XX-XX-XX" hostCodePattern="XX-XX.XX"

    centered="false" />

  3.  ...

  4.  ...

  5. </PostActivation>

  • MultiDeviceActivation > PostActivation > OfflinePostActivation

    • displaySerialNumber: Indicates whether the Mobile Authenticator Studio serial number is displayed. This attribute is optional. The default value is false.

    • responsePattern: Can be used to apply a display pattern to the generated response. This attribute is optional. The default value is No formatting.

    • hostCodePattern: Can be used to apply a display pattern to the generated host code. This attribute is optional. The default value is No formatting.

    • centered: Used to specify if the result must be centered or top-aligned. The default value is false.

For more information about the attributes of the PostActivation elements, refer to the Mobile Authenticator Studio Product Guide.

The system does not offer a scrollbar in centered mode. The page view may, however, be truncated if the content to be displayed is larger than the available screen size.

Graphical customization

  • MultiDeviceActivation > PostActivation > View: This element defines the graphical rendering of the post-activation functionality. The background of the element is not customizable.

    • title: The default value is PostActivation.

  • MultiDeviceActivation > PostActivation > View > Fields > Field:

    • id="Challenge": This is the field for the challenge if the application that generates the response is in Challenge/Response mode.

  • MultiDeviceActivation > PostActivation > View > Labels > Label:

    • id="ClipboardCopyHostCode": This message is displayed when the user copies the generated host code. It is displayed on Android devices only.

    • id="ClipboardCopyResponse": This message is displayed when the user copies the generated response. It is displayed on Android devices only.

    • id="OnlineServerActivationWaitMessage": This message is displayed while waiting for the server activation.

    • id="ResultHostCode": This is the label of the generated host code.

    • id="ResultResponse": This is the label of the generated response.

    • id="SerialNumber": This is the label of the Mobile Authenticator Studio serial number.

    • id="BiometricFingerprintRecognitionDescriptionMessage": This is the label of the biometric protection message for fingerprint recognition.

    • id="BiometricFaceRecognitionDescriptionMessage": This is the label of the biometric protection message for face recognition.

      Biometric protection is only available for:

      • iPhone devices with an iOS version later than 12.0, and Touch ID, or Face ID.

      • Samsung devices with Android 5.0 Lollipop (API level 21) or above, all devices from Android 6.0 (API level 23) with fingerprint support.

  • MultiDeviceActivation > PostActivation > View > Dynamics > Dynamic:

    • id="ResultHostCode": Can be used to customize the rendering of the generated host code.

    • id="ResultResponse": Can be used to customize the rendering of the generated response.

    • id="SerialNumber": Can be used to customize the rendering of the Mobile Authenticator Studio serial number.

  • MultiDeviceActivation > PostActivation > View > Errors >Error:

    • id="BiometricFingerprintRecognitionAuthenticationFailed": The biometric authentication failed.

    • id="BiometricFaceRecognitionAuthenticationFailed": The biometric authentication failed.

    • id="ChallengeEmpty": The activation response does not include a challenge.

    • id="ChallengeTooShort": The minimum challenge length is %_MinLength_%.

      The %_MinLength_% mask is used by Mobile Authenticator Studio to replace the minimum length of the challenge in the error message.

    • id="ChallengeTooLong": The maximum challenge length is %_MaxLength_%.

      The %_MaxLength_% mask is used by Mobile Authenticator Studio to replace the maximum length of the challenge in the error message.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant