- 19 Oct 2024
- 2 Minutes à lire
- SombreLumière
Integrate response validation
- Mis à jour le 19 Oct 2024
- 2 Minutes à lire
- SombreLumière
Each action configured in the Mobile Authenticator Studio app can call a web service to validate a response. The URL will be called by Mobile Authenticator Studio internally.
Internal response validation (overview)
Response Validation Request
Standard action (single-device licensing)
The URL can use the HTTP POST or GET methods. For more information about URL customization, refer to the Mobile Authenticator Studio Customization Guide.
Parameter name | Description |
---|---|
RegistrationIdentifier | The identifier used during activation. Format: Alphanumeric string, limited to 40 characters |
PlatformName | The name of the platform on which the device is running. |
OTP | The response generated by the cryptographic application defined by the cryptoAppIndex attribute of the Action element. Format: Hexadecimal string, limited to 16 characters |
Challenge | The challenge used for Challenge/Response-based cryptographic applications. Format: Decimal string, limited to 16 characters |
SerialNumber | The authenticator serial number. Format: Alphanumeric string, 10 characters |
SequenceNumber | The sequence number of the authenticator instance/account. Format: Numeric string of 2 characters |
UserIdentifier | The extra user identifier that has been set during activation. Format: Alphanumeric string, limited to 40 characters |
DTF1 | This is the first data field used to generate the response. Format: Alphanumeric string, limited to 16 characters |
DTF2 | This is the second data field used to generate the response. Format: Alphanumeric string, limited to 16 characters |
DTF3 | This is the third data field used to generate the response. Format: Alphanumeric string, limited to 16 characters |
DTF4 | This is the fourth data field used to generate the response. Format: Alphanumeric string, limited to 16 characters |
DTF5 | This is the fifth data field used to generate the response. Format: Alphanumeric string, limited to 16 characters |
DTF6 | This is the sixth data field used to generate the response. Format: Alphanumeric string, limited to 16 characters |
DTF7 | This is the seventh data field used to generate the response. Format: Alphanumeric string, limited to 16 characters |
DTF8 | This is the eighth data field used to generate the response. Format: Alphanumeric string, limited to 16 characters |
Version | The version of the application binary as defined when configuring the app. |
DeviceIdentifier | The device-unique identifier. Format: String of 64 hexadecimal characters |
Secure Channel action (multi-device licensing)
The Secure Channel action can send a request to the server just as the standard action. This request sent by Mobile Authenticator Studio is configured in the OutputData section of the configuration file:
The URL can use the HTTP POST or GET methods. For more information about URL customization, refer to the Mobile Authenticator Studio Customization Guide.
Parameter name | Description |
---|---|
OTP | The response generated by the cryptographic application defined by the cryptoAppIndex attribute of the Action element. Format: Hexadecimal string, limited to 16 characters |
SecureChallengeMessage | The Secure Channel message signed by the app. This mask is optional. |
PlatformName | The name of the platform on which the device is running. |
SerialNumber | The authenticator serial number. Format: Alphanumeric string, 10 characters |
SequenceNumber | The authenticator instance sequence number. Format: Numeric string of 2 characters |
UserIdentifier | The extra user identifier that has been set during activation. Format: Alphanumeric string, limited to 40 characters |
Version | The version of the application binary as defined during the app configuration. |
DeviceIdentifier | The device-unique identifier. Format: String of 64 hexadecimal characters |
Response Validation Response
The response expected by Mobile Authenticator Studio must be formatted as described in the DTD:
<!ELEMENT DP4Mobile>
<!ATTLIST DP4Mobile retCode CDATA #REQUIRED>
<!ATTLIST DP4Mobile message CDATA #REQUIRED>
<!ATTLIST DP4Mobile serverTime CDATA #IMPLIED>
The DP4Mobile serverTime parameter is no longer used in Mobile Authenticator Studio 5.2 but still accepted in the response to ensure backwards compatibility with Mobile Authenticator Studio 4.x.
Example
<?xmlversion="1.0"encoding="UTF-8"?>
<DP4MobileretCode="0"message="Operation Successful" />
Attribute name | Description |
---|---|
//DP4Mobile/@retCode | Required. The return code associated with the response validation request. 0 means success, any other value will cause the message attribute value to be displayed. |
//DP4Mobile/@message | Required. The return message associated with the response validation request. This value will be displayed by the app if not empty. |
//DP4Mobile/@serverTime | Optional. This is the current server GMT time. This value will be used by the app to silently set the drift between device and server time to keep the app synchronized. |