Login
    Contenu x
    Changes in DIGIPASS Gateway 5
    • 27 Sep 2024
    • 1 Minute à lire
    • Sombre
      Lumière
    • PDF
    Contenu

    Changes in DIGIPASS Gateway 5

    • Mis à jour le 27 Sep 2024
    • 1 Minute à lire
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    DIGIPASS Gateway 5 introduces a couple of breaking changes compared to earlier versions of DIGIPASS Gateway.

    Architectural changes

    • Stateless gateway. Previous versions relied on an external PostgreSQL database to store some state information, such as transactions and transaction data.

      This database requirement has been removed. DIGIPASS Gateway no longer saves any state information whatsoever, but rather relies on the respective authentication server, e.g. OneSpan Authentication Server.

    • DIGIPASS Gateway services. Previous versions consisted of two web services providing two different interfaces: The so-called Administration interface and the DIGIPASS interface.

      These two interfaces have been consolidated to one.

      The Administration interface has been completely removed, since most of the administrative services have become obsolete, e.g. transaction management for Mobile Authenticator Studio. The remaining services have been merged with the DIGIPASS interface. The distinction between administrative and client services now only exists in context of required authentication.

    • API authentication. In previous versions some services were protected using basic HTTP authentication via one API key.

      In DIGIPASS Gateway 5, all services are protected using basic HTTP authentication via one of two API keys:

      • The front-end API key is required for services typically used by mobile applications, e.g. OneSpan Mobile Authenticator.

      • The back-end API key is required for services typically exposed to the solution's back-end side, e.g. the banking website.

    Workflow changes

    • Out-of-band transaction data signing. This feature was implemented in previous versions of DIGIPASS Gateway and exposed to Mobile Authenticator Studio. It has been replaced by a new transaction data signing workflow integrating seamlessly with OneSpan Authentication Server, using push notifications.

    • Transaction management. It is no longer possible to manage transactions, such as listing pending transactions. When a transaction is initiated, the user receives a push notification. The mobile application retrieves the transaction details and the user can either accept or reject it right away.

    Changes in the API

    New or changed services

    The following services are either new or updated versions of previous existing ones:

    • /rest/v2/authentication/authUser

    • /rest/v2/authentication/push/authUser

    • /rest/v2/authentication/push/cancelAuthUser

    • /rest/v2/authentication/push/getPreparedSecureChallenge

    • /rest/v2/notification/push/sendNotification

    • /rest/v2/notification/push/updateNotificationID

    • /rest/v2/provisioning/DSAPPActivate

    • /rest/v2/provisioning/DSAPPGenerateActivationData

    • /rest/v2/provisioning/DSAPPMdlAddDevice

    • /rest/v2/provisioning/DSAPPRegister

    • /rest/v2/provisioning/DSAPPSRPGenerateActivationData

    • /rest/v2/provisioning/DSAPPSRPGenerateEphemeralKey

    • /rest/v2/provisioning/getServerTime

    • /rest/v2/provisioning/MdlActivate

    • /rest/v2/provisioning/MdlAddDevice

    • /rest/v2/provisioning/MdlRegister

    • /rest/v2/signature/push/authSignature

    • /rest/v2/signature/push/cancelAuthSignatureRequest

    • /rest/v2/signature/push/getPreparedSignatureRequest

    Deprecated services

    Deprecated services are still available in the interface for backward-compatibility reasons and migration purposes only. However, newer versions of the same services or similar new services exist that should be used for new implementations.

    The following services have been deprecated:

    • /activate

    • /addDevice

    • /bind

    • /instanceActivation

    • /licenseActivation

    • /postActivation

    • /register

    • /registerOffline

    • /registerOnline

    • /rest/activation/DSAPPSRPGenerateActivationData

    • /rest/activation/DSAPPSRPGenerateEphemeralKey

    • /rest/activation/MdlActivate

    • /rest/activation/MdlAddDevice

    • /rest/auth/online

    • /rest/notification/push/sendNotification

    • /rest/notification/push/updateNotificationID

    • /rest/push/cancelLogin

    • /rest/push/retrieveLogin

    • /rest/push/signLogin

    • /signature

    • /synchronize

    Removed services

    The following services have been removed:

    • /createSecureChannelTransaction

    • /createTransaction

    • /deleteNotif

    • /deleteTransaction

    • /getTransactionStatus

    • /listSecureChannelTransactions

    • /listTds

    • /manageTransaction

    • /notify

    • /registerNotif

    • /rejectTransaction

    • /testOffline

    • /validateSecureChannelTransaction

    • /validateTransaction

    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle