authenticateCredentials request

input fields provides details about the
authenticateCredentials
input fields.
authenticateCredentials
input fields
Input Field
Required?
Type
Purpose
requestId
Y
String
A unique identifier of the request for the enterprise application. This identifier may be useful for troubleshooting purposes.
activate
N
Boolean
Activates a credential. If
otpAuthData
is provided, it consumes the OTP to authenticate. If
pushAuthData
is used, sends a push notification to the credential for authentication.
credentials
:
credentialId
Y
List
List of credentials, which in turn is an object of
credentialId
and
credentialType
.
credentials
:
credentialType
Y
String
Identifies the credential type:
  • STANDARD_OTP (hardware or software
    VIP
    credential, including
    VIP
    Access for Mobile)
  • CERTIFICATE
  • SMS_OTP
  • VOICE_OTP
  • SERVICE_OTP
otpAuthData
:
otp
N
String
The one-time security code that the user’s credential generates. You must use this value or
pushAuthData
, but cannot use both.
pushAuthData
:
displayParameters
N
list
Passes and displays content to users in the push notification. You can customize display messages up to 250 characters. The values must be UTF-8 encoded to support internationalization. However, some phones may not display complete messages. The following keys are currently supported:
This input field contains parameters that define the push notification that is sent to the user’s push-capable mobile device. You must use this value or
otpAuthData
, but cannot use both.
  • push.message.text
    : Text of the push notification in Notification Center (iOS) or Notification Drawer (Android). Suggested maximum size 70 characters.
  • display.message.title
    : Title of the push notification. Suggested maximum size 30 characters.
  • display.message.text
    : Text of the push notification. Suggested maximum size 70 characters.
    If you have integrated
    VIP
    SDK version 3.0.2 or later with your client app, you can use
    encryptedDisplayParameters
    instead of
    displayParameters
    to encrypt the message text.
  • display.message.profile
    : Indicates the logon URL or profile. Suggested maximum size 60 characters.
pushAuthData
:
encryptedDisplayParameters
N
list
Passes and displays content to users in the push notification. Use
encryptedDisplayMessage
instead of
displayParameters
to send the encrypted message only if you have integrated
VIP
SDK version 3.0.2 or later with your client app.
VIP
Services sends an encrypted version of your message to the user's mobile device. The
VIP
SDK decrypts it on the mobile device using the private key assigned to that mobile device.
The following keys are supported:
  • key
    : Enter the value,
    display.message.text
    .
  • cipherData
    : Encrypted transaction message. To encrypt the transaction message:
    • Encrypt the transaction message to display using the public key returned from the
      getCredentialInfo
      or
      getUserInfo
      call. Use the RSA encryption algorithm.
    • Base64-encode the resulting encryption blob.
  • pubkey
    : Hex-encoded version of the public key returned from the
    getCredentialInfo
    or
    getUserInfo
    call
  • algName
    : Enter the value,
    RSA_PKCS1_PADDING
    or
    RSA_OAEP_PADDING
    , as appropriate.
pushAuthData
:
requestParameters
N
List
The following key is currently supported:
request.timeout
: numeric value which indicates the timeout period in seconds of the push authentication request that is sent to the user’s mobile devices.
authContext
N
String
A map containing the parameters that control how the authentication is performed.
VIP
User Services accepts an authentication level for the
authContext
field.
The authentication level defines the credential types that can be validated with this request. This level must match an authentication level that is configured in
VIP
Manager.
  • Key: Enter authLevel.level
  • Value: Enter the authentication level value (as an integer from 1 - 10).
Example authenticateCredentials request
<soapenv:Body> <vip:AuthenticateCredentialsRequest> <vip:requestId>AUTHWPUSH_478263478263</vip:requestId> <vip:credentials> <vip:credentialId>0123456789</vip:credentialId> <vip:credentialType>SMS_OTP</vip:credentialType> </vip:credentials> <vip:pushAuthData> <vip:displayParameters> <vip:Key>push.message.text</vip:Key> <vip:Value>Symantec Push Authentication Request</vip:Value> </vip:displayParameters> <vip:displayParameters> <vip:Key>display.message.title</vip:Key> <vip:Value>Sign In request</vip:Value> </vip:displayParameters> <vip:encryptedDisplayParameters> <vip:Key>display.message.text</vip:Key> <vip:CipherData>nioenuoBUBD IWEDUHIUWBDhbeiuBiUBUIPWEb iDBWIUbdIUWEHiubiuhbjunuipbgUIhuipBuFFRXDtudxERYxyC34f iGVtyiD7ouibHJVryx45XTUFCr6xFYHF76fCFYXredGFXCyrseWHT4 eryzXJgtsd568iCfxERSXD7itdCTYxdxESXcyikXD685 </vip:CipherData> <vip:PubkeyHash>MIn48nEInin88cvhhGHu8534guhho0B9t6ffce 9hBHJGTvi76gbviubT8vybuig89YCVTUBUIGDFCOTYDXFCUf4sjih8 7676576576tr6vYGFGFC</vip:PubkeyHash> <vip:AlgName>RSA_PKCS1_PADDING</vip:AlgName> </vip:encryptedDisplayParameters> <vip:displayParameters> <vip:Key>display.message.profile</vip:Key> <vip:Value>SECURE ASSET</vip:Value> </vip:displayParameters> <vip:requestParameters> <vip:Key>request.timeout</vip:Key> <vip:Value>120</vip:Value> </vip:requestParameters> </vip:pushAuthData> <authContext> <params> <Key>authLevel.level</Key> <Value>1</Value> </params> </authContext> </vip:AuthenticateCredentialsRequest> </soapenv:Body>