Custom Authentication Engines

Developing an authentication engine for OneSpan Authentication Server requires to create a dynamically loaded library that implements the OneSpan Authentication Server authentication engine API.

• On Windows, the library should be implemented as a dynamic-link library (.dll).
• On Linux, the library should be implemented as a shared object file (.so).

The dynamically loaded library should expose the following C functions:

• ikey_initialise(). This function should initialize the custom authentication engine. The function implementation could retrieve custom engine configuration settings by calling the function pointer getProperty specified as first parameter.

  Custom authentication engine configuration settings should be specified during the installation of the authentication engine using the OneSpan Authentication Server Configuration Utility (see Custom authentication engine definitions via the OneSpan Authentication Server Configuration Utility) or directly in the OneSpan Authentication Server configuration file (see Custom authentication engine definitions via the configuration file).

• ikey_authenticate(). This function verifies the specified password for the identified user. The user is identified by the following mandatory parameters:

  • szUserID
  • szDomain
• ikey_terminate(). This function is called when the library is about to be unloaded by OneSpan Authentication Server.