Integrate response validation
  • 19 Oct 2024
  • 2 Minutes to read
  • Dark
    Light

Integrate response validation

  • Dark
    Light

Article summary

Each action configured in the Mobile Authenticator Studio app can call a web service to validate a response. The URL will be called by Mobile Authenticator Studio internally.

Internal response validation (Overview)

Internal response validation (overview)

Response Validation Request

Standard action (single-device licensing)

The URL can use the HTTP POST or GET methods. For more information about URL customization, refer to the Mobile Authenticator Studio Customization Guide.

Parameters supported in URLs (standard action)

Parameter name

Description

RegistrationIdentifier

The identifier used during activation.

Format: Alphanumeric string, limited to 40 characters

PlatformName

The name of the platform on which the device is running.

OTP

The response generated by the cryptographic application defined by the cryptoAppIndex attribute of the Action element.

Format: Hexadecimal string, limited to 16 characters

Challenge

The challenge used for Challenge/Response-based cryptographic applications.

Format: Decimal string, limited to 16 characters

SerialNumber

The authenticator serial number.

Format: Alphanumeric string, 10 characters

SequenceNumber

The sequence number of the authenticator instance/account.

Format: Numeric string of 2 characters

UserIdentifier

The extra user identifier that has been set during activation.

Format: Alphanumeric string, limited to 40 characters

DTF1

This is the first data field used to generate the response.

Format: Alphanumeric string, limited to 16 characters

DTF2

This is the second data field used to generate the response.

Format: Alphanumeric string, limited to 16 characters

DTF3

This is the third data field used to generate the response.

Format: Alphanumeric string, limited to 16 characters

DTF4

This is the fourth data field used to generate the response.

Format: Alphanumeric string, limited to 16 characters

DTF5

This is the fifth data field used to generate the response.

Format: Alphanumeric string, limited to 16 characters

DTF6

This is the sixth data field used to generate the response.

Format: Alphanumeric string, limited to 16 characters

DTF7

This is the seventh data field used to generate the response.

Format: Alphanumeric string, limited to 16 characters

DTF8

This is the eighth data field used to generate the response.

Format: Alphanumeric string, limited to 16 characters

Version

The version of the application binary as defined when configuring the app.

DeviceIdentifier

The device-unique identifier.

Format: String of 64 hexadecimal characters

Secure Channel action (multi-device licensing)

The Secure Channel action can send a request to the server just as the standard action. This request sent by Mobile Authenticator Studio is configured in the OutputData section of the configuration file:

The URL can use the HTTP POST or GET methods. For more information about URL customization, refer to the Mobile Authenticator Studio Customization Guide.

Parameters supported in URLs (Secure Channel action)

Parameter name

Description

OTP

The response generated by the cryptographic application defined by the cryptoAppIndex attribute of the Action element.

Format: Hexadecimal string, limited to 16 characters

SecureChallengeMessage

The Secure Channel message signed by the app. This mask is optional.

PlatformName

The name of the platform on which the device is running.

SerialNumber

The authenticator serial number.

Format: Alphanumeric string, 10 characters

SequenceNumber

The authenticator instance sequence number.

Format: Numeric string of 2 characters

UserIdentifier

The extra user identifier that has been set during activation.

Format: Alphanumeric string, limited to 40 characters

Version

The version of the application binary as defined during the app configuration.

DeviceIdentifier

The device-unique identifier.

Format: String of 64 hexadecimal characters

Response Validation Response

The response expected by Mobile Authenticator Studio must be formatted as described in the DTD:

  1. <!ELEMENT DP4Mobile>

  2. <!ATTLIST DP4Mobile retCode CDATA #REQUIRED>

  3. <!ATTLIST DP4Mobile message CDATA #REQUIRED>

  4. <!ATTLIST DP4Mobile serverTime CDATA #IMPLIED>

The DP4Mobile serverTime parameter is no longer used in Mobile Authenticator Studio 5.2 but still accepted in the response to ensure backwards compatibility with Mobile Authenticator Studio 4.x.

Example

  1. <?xmlversion="1.0"encoding="UTF-8"?>

  2. <DP4MobileretCode="0"message="Operation Successful" />

Response validation response attributes

Attribute name

Description

//DP4Mobile/@retCode

Required. The return code associated with the response validation request. 0 means success, any other value will cause the message attribute value to be displayed.

//DP4Mobile/@message

Required. The return message associated with the response validation request. This value will be displayed by the app if not empty.

//DP4Mobile/@serverTime

Optional. This is the current server GMT time. This value will be used by the app to silently set the drift between device and server time to keep the app synchronized.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant