Configuration of the FIDO Server

Before you integrate the FIDO ASM with the Tutoprial App Plus application on Android and/or iOS, you  need to configure the FIDO Server. To do so, follow the instructions provided in the Nok Nok Labs documentation. Once the FIDO Server configuration is completed, configure the FIDO Server to use the OneSpan-specific configuration as outlined below.

To configure the FIDO Server to use the OneSpan Configuration Wizard

You can perform these steps either by using the nnl-mgmt.sh file, or by using the policy files available in the OneSpan FIDO Server package. When you choose to use the nnl-mgmt.sh, refer to the Nok Nok Labs documentation for more details.

1. Import the required ASM(s).

   You need to use the Authenticator Metadata and Import commands of the nnl-mgmt.sh script.

   If you use the policy files from the FIDO Server package, run the following command in the onespan-asm-json folder:

   ./nnl-mgmt.sh auth_metadata import -dir /path_to_folder/onespan-asm-json/

2. Import and activate the policies.

   You need to use the FIDO Policy and Import commands of the nnl-mgmt.sh script.

   If you use the policy files from the FIDO Server package, run the following commands in the onespan-policy-json folder:

   ./nnl-mgmt.sh policy import -file /path_to_folder/policy_you_want.json

   ./nnl-mgmt.sh policy activate -name "name of the imported policy"

3. Create and activate the rule set.

   You need to use the Adaptive Ruleset and Import commands of the nnl-mgmt.sh script.

   If you use the ruleset file from the FIDO Server package, run the following commands in the onespan-ruleset-json folder:

   ./nnl-mgmt.sh ruleset import -dir /path_to_folder/onespan-ruleset-json/ruleset_you_want.json

   ./nnl-mgmt.sh ruleset activate -name "name of the imported ruleset"

4. Authorize the OneSpan applications to communicate with the FIDO Server.

   You need to use the Properties and Set property commands of the nnl-mgmt.sh script.

   Examples how to authorize OneSpan FIDO Server Manager for Android and iOS:

   Android

   ./nnl-mgmt.sh properties set -name android:com.onespan.fido.uaf.passport##app.names -value "OneSpan FIDO Server Manager for Android" -uaffacetid android:apk-key-hash:QyzgKcO/5TmWhuRK3DLW2GYu5ZM

   ./nnl-mgmt.sh properties set -name android:com.onespan.fido.uaf.passport##ruleset.name -value default

   iOS

   ./nnl-mgmt.sh properties set -name ios:com.onespan.fido.uaf.passport##app.names -value "OneSpan FIDO Server Manager for iOS" -uaffacetid ios:bundle-id:com.onespan.fido.uaf.passport

   ./nnl-mgmt.sh properties set -name ios:com.onespan.fido.uaf.passport##ruleset.name -value default

5. Validate the global policy by modifying PolicyPlugin.

   You need to use the API Server Configuration and Import commands of the nnl-mgmt.sh script.

   If you use the PolicyPlugin file from the FIDO Server package, run the following command in the onespan-policyplugin-json folder:

   ./nnl-mgmt.sh apiserver import -type PolicyPlugin -file /path_to_folder/onespan-policyplugin-json/policyplugin_you_want.json -overwrite yes

For more information on any of these steps, refer to the Nok Nok Labs documentation.