authenticateUserWithPush request

The authenticateUserWithPush request authenticates users through a push notification.
Send the request to: https://userservices-auth.vip.symantec.com/vipuserservices/AuthenticationService_1_10
authenticateUserWithPush
input fields
provides details about the
authenticateUserWithPush
input fields.
authenticateUserWithPush
input fields
Input Field
Required?
Type
Purpose
requestId
Y
string
A unique identifier of the request for the enterprise application. The request ID accepts from 4 to 40 alphanumeric characters and underscores.
This identifier may be useful for troubleshooting purposes.
userId
Y
string
Unique ID for the user (for example, the user email address, the user’s logon name, or a unique ID that maps to user’s logon name). The user ID accepts 1 to 128 international characters.
The user ID is not case-sensitive in look-up operations.
pin
N
string
Optional user PIN for first-factor authentication. The PIN may be 4 to 128 international characters in length, depending on restrictions of the PIN policy.
pushAuthData
:
displayParameters
N
list
Passes and displays content to users in the push notification. You can customize display messages up to 250 characters. However, some phones may not display complete messages. The following keys are currently supported:
This input field contains parameters that define the push notification that is sent to the user’s push-capable mobile device.
  •   display.message.title
    : Title of the push notification.
    This value is used for standard push authentication requests. It is not applicable to biometric fingerprint or VIP PIN authentication on the mobile device.
  • display.message.text
    : Text of the push notification.
  • display.message.profile
    : Indicates the logon URL or profile.
pushAuthData
:
requestParameters
N
list
The following keys are currently supported:
  • request.timeout
    : Numeric value that indicates the timeout period in seconds of the push authentication request that is sent to the user’s mobile devices.
  • nonactionable.notification
    : Disables actionable push notifications.
    • true
      : Swipe actions are not available in push notifications. Users must open VIP Access to view and act on the push request.
    • false
      : Swipe actions are available in push notification. Users can act on the push request from the notification, without opening VIP Access.
    If this key is not included, the behavior defaults to false.
  • enforceLocalAuth
    : Require the user to authenticate with a local authentication method.
    • true
      : User authenticates by logging in to the device using the local authentication method (passcode or Touch ID for iOS, PIN, pattern, password, or fingerprint for Android).
    • false
      : User authenticates by approving the push notification.
    If this key is not included, the behavior defaults to false. If the user has not set a local authentication method, an error is displayed to the user and the authentication requests fails. If the local authentication fails, the authentication request fails.
  • supportNumberChallenge
    : Require the user to authenticate with a challenge number.
    If Mobile Push and Require Number Challenge are not enabled in VIP Manager, this flag is ignored.
    • true
      : User authenticates by entering the two-digit challenge number displayed on the Sign In screen into the push notification.
    • false
      : The authentication request fails.
    If this key is not included the behavior defaults to false. If the mobile device does not support number challenge, the authentication requests fails. If the number challenge authentication fails, the authentication request fails.
  • includeDeviceInfo
    : Return information about the device health, if available.
    • true
      : Any available device health information is returned in the
      pollPushStatus
      response.
    • false
      : No health information about the device is returned in the response.
    If this key is not included, the behavior defaults to false. The user must have a supported version of the VIP Access client installed to capture device information.
authContext
N
string
A map containing the parameters that control how the authentication is performed. VIP User Services accepts an authentication level for the
authContext
field.
The authentication level defines the authentication methods that VIP User Services can validate against. If an authentication level is sent, the push notification is validated only if the authentication level allows Mobile Push.
This level must match an authentication level configured in VIP Manager.
  • Key: Enter
    authLevel.level
  • Value: Enter the authentication level value (as an integer from 1 - 10).