Prepare OneSpan Authentication Server for SDK Sample Website Installation

Before you set up a sample website, ensure that OneSpan Authentication Server is installed properly. For more information about installing OneSpan Authentication Server, refer to the OneSpan Authentication Server Installation Guide for Linux or OneSpan Authentication Server Installation Guide for Windows.

OneSpan Authentication Server must be configured accordingly to install the SDK sample website. You can apply all the required settings via the OneSpan Authentication Server Configuration Utility. The following settings are required:

• Communicators. In the SOAP tab, the SOAP protocol must be enabled.

  By default, the SSL cipher suite security level for SOAP is set to Very High. This implies that TLS v1.2 or later is supported only.

  If you are using Java Development Kit (JDK), note that only JDK 1.8 is supported.

  If you are using the .NET Framework, note that only .NET Framework 4.6 or later supports TLS v1.2 out of the box. If your application targets an earlier version of the .NET Framework, you need to lower the SSL cipher suite security level for SOAP or upgrade to .NET Framework 4.7 or later (highly recommended).

  If your organization is impacted by the General Data Protection Regulation (GDPR), ensure that the SOAP communicator interface is configured to use SSL. If an OneSpan Authentication Server component does not support SSL, the SOAP interface must be configured without SSL; however, to be GDPR-compliant, you must set up an encrypted VPN tunnel to secure the communication.

  For more information about GDPR, refer to the OneSpan Authentication Server General Data Protection Regulation Compliance Guide.

• OneSpan Authentication Server Component. A client component must be defined for the IP address of the OneSpan Authentication Server.

• License. A license must be loaded for the OneSpan Authentication Server component. This license should have SOAP enabled, along with the different SOAP features you want to test using the sample website. EMV-CAP authentication requires a licensing option separate to other authentication functionality.

Depending on your requirements, you need to create the respective SOAP client components in OneSpan Authentication Server:

• To use the authentication or EMV-CAP authentication functionality of the sample websites:

  • Location: IP address of the machine hosting the sample website.
  • Component Type: Authentication Sample Client
  • Policy ID: Identikey Local Authentication Policy

• To use the signature validation functionality of the sample websites:

  • Location: IP address of the machine hosting the sample website.
  • Component Type: Signature Sample Client
  • Policy ID: Identikey Real-time Signature Verification Policy 1

• To use the Secure Channel authentication functionality of the sample websites:

  • Location: IP address of the machine hosting the sample website.
  • Component Type: Authentication with Secure Channel Sample Client
  • Policy ID: IDENTIKEY Authentication with Secure Channel

• To use the Secure Channel signature functionality of the sample websites:

  • Location: IP address of the machine hosting the sample website.
  • Component Type: Signature Secure Channel Sample Client
  • Policy ID: IDENTIKEY Signature Validation with Secure Channel

• To use the multi-device licensing (MDL) provisioning functionality of the sample websites:

  • Location: IP address of the machine hosting the sample website.
  • Component Type: Multi-Device Licensing Provisioning Sample Client
  • Policy ID: IDENTIKEY Provisioning for Multi-Device Licensing

Once these settings are applied, you can install the sample websites as required. For more information about installing the sample websites, refer to the OneSpan Authentication Server SDK Programmer's Guide for Java or the OneSpan Authentication Server SDK Programmer's Guide for .NET, respectively.