Secure Channel validation
  • 23 Oct 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Secure Channel validation

  • Dark
    Light
  • PDF

Article summary

Regular Secure Channel validation

  1. <SecureChannelValidation internalValidation="true">

  2.  <URL value="http://MY_DOMAIN_NAME/...?serial=%_    SerialNumber_%&amp;otp=%_    OTP_%_%&amp;cryptoAppIndex=2&amp;secureChannelMessage=%_    SecureChannelMessage_%" >

  3.  </URL>

  4. </SecureChannelValidation>

  • SecureChannelValidation: This element is used to configure the Mobile Authenticator Studio Secure Channel validation. This element is optional.

    • internalValidation: Indicates whether the transaction is validated internally (by Mobile Authenticator Studio) or externally (via a web browser). The default value is false.

  • SecureChannelValidation > URL: This is the URL used to validate the Secure Channel message signature.

Masks for the regular Secure Channel validation URL lists the masks for the regular Secure Channel validation URL.

Masks for the regular Secure Channel validation URL

Mask

Value

%_SerialNumber_%

This is the serial number of the authenticator. This mask is mandatory.

%_OTP_%

This is the generated signature of the Secure Channel message. This mask is mandatory.

%_SecureChannelMessage_%

This is the Secure Channel message signed by the application. This mask is optional.

Secure Channel Validation with DIGIPASS Gateway

  1. <SecureChannelValidation>

  2.  <URL method="POST" contentType="json"value="http://MY_DOMAIN_NAME/rest/v2/signature/push/authSignature">

  3.    <PayloadParameter key="userID"value="%_UserIdentifier_%"/>

  4.    <PayloadParameter key="domain"value="%_Domain_%"/>

  5.    <PayloadParameter key="challengeKey"value="%_Challenge_%"/>

  6.    <PayloadParameter key="signature"value="%_OTP_%"/>

  7.  </URL>

  8. </SecureChannelValidation>

  • SecureChannelValidation > URL: This is the URL used to validate the Secure Channel message signature. It must use the POST method and the json content type.

Masks for the Secure Channel validation URL with DIGIPASS Gateway lists the masks for the Secure Channel validation URL in case of push-and-login or push-and-sign operations using DIGIPASS Gateway.

Masks for the Secure Channel validation URL with DIGIPASS Gateway

Mask

Value

%_UserIdentifierSerialNumber_%

This is the user identifier used to activate the authenticator. This mask is mandatory.

%_Domain_%

This is the domain used by the generated signature of the Secure Channel message. This mask is mandatory.

%_Challenge_%

This is the challenge key used to retrieve the Secure Channel message signed by the application. This mask is mandatory.

%_OTP_%

This is the generated signature of the Secure Channel message. This mask is mandatory.

The SecureChannelValidation element is used during push-and-login or push-and-sign operations using DIGIPASS Gateway.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant