Integrate response validation

Updated on 19 Oct 2024
2 Minutes to read

Share
Dark
Light

Article summary

Did you find this summary helpful?

Thank you for your feedback

Each action configured in the Mobile Authenticator Studio app can call a web service to validate a response. The URL will be called by Mobile Authenticator Studio internally.

Internal response validation (Overview)

Internal response validation (overview)

Response Validation Request

Standard action (single-device licensing)

The URL can use the HTTP POST or GET methods. For more information about URL customization, refer to the Mobile Authenticator Studio Customization Guide.

Parameter name	Description
Parameters supported in URLs (standard action)
RegistrationIdentifier	The identifier used during activation. Format: Alphanumeric string, limited to 40 characters
PlatformName	The name of the platform on which the device is running.
OTP	The response generated by the cryptographic application defined by the cryptoAppIndex attribute of the Action element. Format: Hexadecimal string, limited to 16 characters
Challenge	The challenge used for Challenge/Response-based cryptographic applications. Format: Decimal string, limited to 16 characters
SerialNumber	The authenticator serial number. Format: Alphanumeric string, 10 characters
SequenceNumber	The sequence number of the authenticator instance/account. Format: Numeric string of 2 characters
UserIdentifier	The extra user identifier that has been set during activation. Format: Alphanumeric string, limited to 40 characters
DTF1	This is the first data field used to generate the response. Format: Alphanumeric string, limited to 16 characters
DTF2	This is the second data field used to generate the response. Format: Alphanumeric string, limited to 16 characters
DTF3	This is the third data field used to generate the response. Format: Alphanumeric string, limited to 16 characters
DTF4	This is the fourth data field used to generate the response. Format: Alphanumeric string, limited to 16 characters
DTF5	This is the fifth data field used to generate the response. Format: Alphanumeric string, limited to 16 characters
DTF6	This is the sixth data field used to generate the response. Format: Alphanumeric string, limited to 16 characters
DTF7	This is the seventh data field used to generate the response. Format: Alphanumeric string, limited to 16 characters
DTF8	This is the eighth data field used to generate the response. Format: Alphanumeric string, limited to 16 characters
Version	The version of the application binary as defined when configuring the app.
DeviceIdentifier	The device-unique identifier. Format: String of 64 hexadecimal characters

Secure Channel action (multi-device licensing)

The Secure Channel action can send a request to the server just as the standard action. This request sent by Mobile Authenticator Studio is configured in the OutputData section of the configuration file:

The URL can use the HTTP POST or GET methods. For more information about URL customization, refer to the Mobile Authenticator Studio Customization Guide.

Parameter name	Description
Parameters supported in URLs (Secure Channel action)
OTP	The response generated by the cryptographic application defined by the cryptoAppIndex attribute of the Action element. Format: Hexadecimal string, limited to 16 characters
SecureChallengeMessage	The Secure Channel message signed by the app. This mask is optional.
PlatformName	The name of the platform on which the device is running.
SerialNumber	The authenticator serial number. Format: Alphanumeric string, 10 characters
SequenceNumber	The authenticator instance sequence number. Format: Numeric string of 2 characters
UserIdentifier	The extra user identifier that has been set during activation. Format: Alphanumeric string, limited to 40 characters
Version	The version of the application binary as defined during the app configuration.
DeviceIdentifier	The device-unique identifier. Format: String of 64 hexadecimal characters

Response Validation Response

The response expected by Mobile Authenticator Studio must be formatted as described in the DTD:

<!ELEMENT DP4Mobile>
<!ATTLIST DP4Mobile retCode CDATA #REQUIRED>
<!ATTLIST DP4Mobile message CDATA #REQUIRED>
<!ATTLIST DP4Mobile serverTime CDATA #IMPLIED>

The DP4Mobile serverTime parameter is no longer used in Mobile Authenticator Studio 5.2 but still accepted in the response to ensure backwards compatibility with Mobile Authenticator Studio 4.x.

Example

<?xmlversion="1.0"encoding="UTF-8"?>
<DP4MobileretCode="0"message="Operation Successful" />

Attribute name	Description
Response validation response attributes
//DP4Mobile/@retCode	Required. The return code associated with the response validation request. 0 means success, any other value will cause the message attribute value to be displayed.
//DP4Mobile/@message	Required. The return message associated with the response validation request. This value will be displayed by the app if not empty.
//DP4Mobile/@serverTime	Optional. This is the current server GMT time. This value will be used by the app to silently set the drift between device and server time to keep the app synchronized.

Was this article helpful?

What's Next

Transaction data signing

Table of contents

Response Validation Request
Response Validation Response