User Authentication: Response-Only
  • 20 Jan 2025

A Response-Only operation performs user authentication using a one-time password (OTP) and/or a static password. To execute this operation, the registered client application should send an authUser SOAP request to OneSpan Authentication Server.

This operation can be used to perform the following types of user authentication:

  • Response-Only mode, OTP
  • Response-Only mode, OTP combined with server PIN
  • Response-Only mode, static password
  • Response-Only mode, OTP combined with static password
  • Response-Only mode, OTP combined with static password and server PIN

For all supported types of Response-Only user authentication, the OTP, static password, and server PIN must be specified, when used, as credential attributes of the authUser request. For more information about the structure of an authUser request, see authUser SOAP request structure.

The authUser SOAP request supports two formats to specify the static password or OTP. To indicate the password format in the authUser SOAP request, the credential attribute CREDFLD_PASSWORD_FORMAT should be included with the correct value.

The following password format specification methods in the authUser SOAP request are supported:

  • One password attribute combining all user credentials. This attribute holds a password string that is a concatenation of all the authentication elements in use (static password and/or OTP and/or server PIN). This concatenated password string should be specified via the credential attribute CREDFLD_PASSWORD. The password format attribute CREDFLD_PASSWORD_FORMAT should be included with a value of 0.
  • A separate attribute for each user credential. This method requires specifying a credential attribute for each authentication element (static password, OTP, server PIN). The password format attribute CREDFLD_PASSWORD_FORMAT should be included with a value of 4.

Response-Only mode, OTP

To verify a Response-Only OTP using several password attributes, the authUser command requires the following minimum set of credential field attributes:

  • CREDFLD_USERID
  • CREDFLD_COMPONENT_TYPE. Indicates the client application component type.
  • CREDFLD_PASSWORD_FORMAT
  • OTP specified either via the CREDFLD_PASSWORD or the CREDFLD_DP_RESPONSE credential attribute depending on the chosen password format.

A client application with component type SOAP Auth Client will typically send the following SOAP command to authenticate user test1 using a Response-Only OTP 312469:

<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aut="http://www.vasco.com/IdentikeyServer/IdentikeyTypes/Authentication">
  <soapenv:Header/>
  <soapenv:Body>
    <aut:authUser>
      <credentialAttributeSet>
        <attributes>
          <value xsi:type="xsd:string">SOAP Auth Client</value>
          <attributeID>CREDFLD_COMPONENT_TYPE</attributeID>
        </attributes>
        <attributes>
          <value xsi:type="xsd:string">test1</value>
          <attributeID>CREDFLD_USERID</attributeID>
        </attributes>
        <attributes>
          <value xsi:type="xsd:unsignedInt">4</value>
          <attributeID>CREDFLD_PASSWORD_FORMAT</attributeID>
        </attributes>
        <attributes>
          <value xsi:type="xsd:string">312469</value>
          <attributeID>CREDFLD_DP_RESPONSE</attributeID>
        </attributes>
      </credentialAttributeSet>
    </aut:authUser>
  </soapenv:Body>
</soapenv:Envelope>
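
An added example, not OneSpan's code: a Python builder for the authUser request above that supports both password formats, rejects credential attributes that do not match the chosen format, and masks credential values before a request is written to a log. The function names, the strict client-side format check and the use of xsd:string for every credential value are assumptions; for format 0 the caller supplies the already-concatenated string, because the concatenation order is not given on this page.

```python
import xml.etree.ElementTree as ET

SOAPENV = "http://schemas.xmlsoap.org/soap/envelope/"
XSD = "http://www.w3.org/2001/XMLSchema"
XSI = "http://www.w3.org/2001/XMLSchema-instance"
AUT = "http://www.vasco.com/IdentikeyServer/IdentikeyTypes/Authentication"

# Credential-carrying attributes named on this page, keyed by CREDFLD_PASSWORD_FORMAT.
SECRETS = {
    0: {"CREDFLD_PASSWORD"},
    4: {"CREDFLD_DP_RESPONSE", "CREDFLD_STATIC_PASSWORD", "CREDFLD_CURRENT_PIN"},
}

def build_auth_user(user_id, component_type, password_format, credentials):
    """Return an authUser envelope as bytes; credentials maps attribute ID to value."""
    allowed = SECRETS.get(password_format)
    if allowed is None:
        raise ValueError("CREDFLD_PASSWORD_FORMAT must be 0 or 4")
    if not credentials or set(credentials) - allowed:
        raise ValueError(f"format {password_format} takes only {sorted(allowed)}")
    for prefix, uri in (("soapenv", SOAPENV), ("xsi", XSI), ("aut", AUT)):
        ET.register_namespace(prefix, uri)
    env = ET.Element(f"{{{SOAPENV}}}Envelope")
    env.set("xmlns:xsd", XSD)  # the xsd: prefix is used only inside xsi:type values
    ET.SubElement(env, f"{{{SOAPENV}}}Header")
    body = ET.SubElement(env, f"{{{SOAPENV}}}Body")
    auth = ET.SubElement(body, f"{{{AUT}}}authUser")
    attr_set = ET.SubElement(auth, "credentialAttributeSet")
    fields = [("CREDFLD_COMPONENT_TYPE", "xsd:string", component_type),
              ("CREDFLD_USERID", "xsd:string", user_id),
              ("CREDFLD_PASSWORD_FORMAT", "xsd:unsignedInt", str(password_format))]
    # Assumption: every credential value is sent as xsd:string, as the page's OTP is.
    fields += [(attr_id, "xsd:string", v) for attr_id, v in credentials.items()]
    for attr_id, xsd_type, value in fields:
        attrs = ET.SubElement(attr_set, "attributes")
        # ElementTree escapes <, > and &, so a value cannot inject extra elements.
        ET.SubElement(attrs, "value", {f"{{{XSI}}}type": xsd_type}).text = value
        ET.SubElement(attrs, "attributeID").text = attr_id
    return ET.tostring(env, encoding="utf-8")

def redact_for_log(envelope):
    """Return the envelope as text with OTP, password and PIN values masked."""
    root = ET.fromstring(envelope)
    secret_ids = set().union(*SECRETS.values())
    for attrs in root.iter("attributes"):
        if attrs.findtext("attributeID") in secret_ids:
            attrs.find("value").text = "***"
    return ET.tostring(root, encoding="unicode")
```

Calling `build_auth_user("test1", "SOAP Auth Client", 4, {"CREDFLD_DP_RESPONSE": "312469"})` yields the same attribute set as the request shown above.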

Response-Only mode, with server PIN

To verify a static password using one combined password attribute, the authUser command requires the following minimum set of credential field attributes:

  • CREDFLD_USERID
  • CREDFLD_COMPONENT_TYPE. Indicates the client application component type.
  • CREDFLD_PASSWORD_FORMAT
  • The static password specified either via credential attribute CREDFLD_PASSWORD or via credential attribute CREDFLD_STATIC_PASSWORD depending on the chosen password format.
  • The server PIN specified either via the CREDFLD_PASSWORD or the CREDFLD_CURRENT_PIN credential attribute.

Response-Only mode, static password

In order to verify a static password using one combined password attribute, the authUser command requires the following minimum set of credential field attributes:

  • CREDFLD_USERID
  • CREDFLD_COMPONENT_TYPE. Indicates the client application component type.
  • CREDFLD_PASSWORD_FORMAT
  • The static password specified either via the CREDFLD_PASSWORD or the CREDFLD_STATIC_PASSWORD credential attribute.

Other supported authentication types combine functions such as Response-Only OTP, static password, and server PIN. The combination authentication types will not be described in detail.

