SOAP Signature Validation (Overview)
- 19 Dec 2024
- 2 Minutes à lire
- SombreLumière
- PDF
SOAP Signature Validation (Overview)
- Mis à jour le 19 Dec 2024
- 2 Minutes à lire
- SombreLumière
- PDF
The content is currently unavailable in French. You are viewing the default English version.
Résumé de l’article
Avez-vous trouvé ce résumé utile ?
Merci pour vos commentaires
The SOAP signature interface provides commands to generate and validate signatures (see SOAP signature validation commands).
| Command | Description |
|---|---|
| authSignature | Validates a signature on the OneSpan Authentication Server side (see authSignature (Command). |
| authSignatureRequest | Triggers a data signing transaction via push notification (see authSignatureRequest (Command)). |
| cancelAuthSignatureRequest | Cancels a pending data signing transaction using a request key previously received through push notification (see cancelAuthSignatureRequest (Command)). |
| genRequest | Generates a request message that can be used to initiate a signature validation transaction (see genRequest (Command)). Applies if Secure Channel is supported. |
| genSignature | Generates a virtual signature on the OneSpan Authentication Server side (see genSignature (Command)). |
| getPreparedSignatureRequest | Retrieves a signature request using a request key previously received through push notification. (see getPreparedSignatureRequest (Command)). |
Different field attributes are available for SOAP signature interface commands (see SOAP signature field attributes).
| Attribute name | Data type | Description |
|---|---|---|
| SIGNFLD_AUXILIARY_MESSAGE | String | The serialized error stack. Only returned if the signature validation is not successful. |
| SIGNFLD_COMPONENT_TYPE | String | The SOAP client application identifier. |
| SIGNFLD_CONFIRM_CODE | String | The host code that can be used by the client to validate the command was executed on the correct server. Only returned if requested in the input and the command execution was successful. Up to 17 numeric or hexadecimal characters. |
| SIGNFLD_CRYPTO_APP_INDEX | Unsigned Integer | The index of the authenticator application to use when you initiate a signature validation transaction using Secure Channel (see genRequest (Command)). The specified authenticator application must be allowed by the effective policy. If not specified, the first applicable authenticator application is used by default. Possible values: 1–n |
| SIGNFLD_CRYPTO_APP_NAME | String | The name of the authenticator application to use when you initiate a signature validation transaction using Secure Channel (see genRequest (Command)). The specified authenticator application must be allowed by the effective policy. If not specified, the first applicable authenticator application is used by default. Up to 12 characters. |
SIGNFLD_DATA_FIELD_1 SIGNFLD_DATA_FIELD_2 SIGNFLD_DATA_FIELD_3 SIGNFLD_DATA_FIELD_4 SIGNFLD_DATA_FIELD_5 SIGNFLD_DATA_FIELD_6 SIGNFLD_DATA_FIELD_7 SIGNFLD_DATA_FIELD_8 | String | The signature data fields (limited by the authenticator application, maximum 8) used to generate the electronic signature. Up to 16 characters. |
| SIGNFLD_DEFERRED_DATETIME | DateTime | The deferred signature datetime attribute should be specified in a full date/time format. |
| SIGNFLD_DEFERRED_EVENT_VALUE | Unsigned Integer | The deferred event counter of the authenticator application used to generate the signature. |
| SIGNFLD_DOMAIN | String | As output, the user's resolved domain will be specified. Up to 255 characters. |
| SIGNFLD_ORGANIZATIONAL_UNIT | String | Indicates the user's resolved organizational unit. Up to 255 characters. |
| SIGNFLD_PASSWORD | String | The combined password string (password format defaults to cleartext combined), provided by the end user required to generate a virtual signature. |
| SIGNFLD_REQUEST_BODY | String | The clear signature validation request body. Applies if Secure Channel is supported. |
| SIGNFLD_REQUEST_CONFIRM_CODE | String | The client application can use this field to indicate its requirement related to host code feedback. Supported values:
Only the numeric value should be used. |
| SIGNFLD_REQUEST_KEY | String | The key that refers to a request message cached by OneSpan Authentication Server. Applies if Secure Channel is supported. |
| SIGNFLD_REQUEST_MESSAGE | String | Signature validation request message. Applies if Secure Channel is supported. |
| SIGNFLD_SERIAL_NO | String | As input, the serial number of the authenticator to be used for the respective command. As output, the serial number of the authenticator (instance) that was used to perform the respective operation. Exactly 10 characters. |
| SIGNFLD_SIGNATURE | String | The electronic signature. Up to 17 numeric or hexadecimal characters. |
| SIGNFLD_STATUS_MESSAGE | String | Reason for failure. Only returned if the signature validation is not successful. |
| SIGNFLD_SVR_PUBLIC_KEY | String | Parameter used as a challenge diversifier to prevent man-in-the-middle (MITM) attacks. Up to 1024 hexadecimal characters. |
| SIGNFLD_TRANSACTION_TITLE | String | The title of a signature validation transaction. Applies if Secure Channel is supported. |
| SIGNFLD_USERID | String | The user ID as provided by the calling application (no specific format is required). As output, the resolved user ID will be specified. Up to 255 characters. |
| SIGNFLD_VERIFIED_DATETIME | DateTime | Applicable for time-based signature validation authenticator applications. Returned if the used authenticator has the timebase algorithm enabled for the signature application and if for the used policy the online signature mode is enabled. |
| SIGNFLD_VERIFIED_EVENT_VALUE | Unsigned Integer | Applicable for event-based signature validation authenticator applications. |
| SIGNFLD_VIRTUAL_SIGNATURE_REQUEST_IDENTIFIER | String |
Cet article vous a-t-il été utile ?