Configure the Push Delivery Gateway and Adapters
Mobile Push delivery adapters should be added for Microsoft® Azure® communications with Apple, Google and Windows 10 devices.
They will ensure that a notification is sent to the user's mobile device.
- Contact HID Global Customer Services to obtain the Microsoft Azure Hub characteristics (connection string and hub path).
Make sure the latest CA root certificates required to connect to the Microsoft Azure Notification Hub infrastructure (for example, Baltimore CyberTrust) are available in the ActivID Appliance truststore.
For further details about the CAs utilized by Azure, refer to Microsoft Azure Certificate Authorities.
ActivID Appliance connects to Microsoft Azure Notification hubs to send notifications to mobile devices. The ActivID Appliance forward proxy function allows configuring your proxy for this connection.
The proxy parameters in the below Azure-based delivery adapters are deprecated and should not be used.
-
Log on to the ActivID Management Console and select the Configuration tab.
-
Under Environment, select OOB Delivery Gateway.
-
Click Add and follow the steps in the following sections to add the Delivery gateways for Apple, Google and Windows 10 devices:
Azure Apns Push Delivery adapterAdapter for Microsoft notification services for push-based authentication for Apple iOS and macOS devices.
Setting Description Azure connection string
Required
URL of Microsoft Azure Notification Hub dedicated to your deployment. This URL includes the Notification Hub host.
Contact HID Global Customer Services to request an Azure connection String for your deployment.
Hub Path
Required
Name of Microsoft Azure Notification Hub.
Contact HID Global Customer Services to request this value.
Notifications time to live (seconds)
Number of seconds (TTL or lifespan) during which the push notifications are valid and can be delivered.
By default, the value is 0 which corresponds to the APNS default behavior (only one delivery attempt is made).
If you set a time limit, repeated delivery attempts are made (as required) until the defined limit is reached.
For further information, go to https://developer.apple.com/documentation/usernotifications/setting_up_a_remote_notification_server/sending_notification_requests_to_apns/
Supported OS List (use | as separator)
Required
ID used to automatically select the Delivery Gateway for sending the push request message.
Supported values are:
- iOS
- macOS
To add support for both systems, use | to separate the values (that is, iOS|macOS).
Important:
- It is recommended that you only enter the OS value(s) in this field, instead of a list of versions.
- This field is mandatory and case-sensitive (that is, you must use iOS and/or macOS).
- This adapter will be selected to send push notifications to all devices of the specified OS.
Note: If different applications are running on the same operating system, you can define a specific delivery gateway per application. You should then use a different authentication policy for each application, and map the corresponding delivery gateway to each policy.Content of Credential messages template
Required
Content of the message sent to the user's device to prompt for service activation
By default, it is pre-populated with:
{"aps":{"alert":"Activation"},"prov":"{$secret}"}
Content of Challenge messages template
Required
Content of the message sent to the user's device to prompt for validation
By default, it is pre-populated with:
{"aps":{"alert":"New Transaction"},"tds":"{$secret}"}
Note:
- The proxy parameters are deprecated and should not be used. If necessary, configure a forward proxy.
- Credential messages template – is not used in this version.
- Challenge messages template − structure of the notification must be kept but the following text items can be customized and localized (see Logon/Validation Request Display Message Format):
- "New Transaction"
- "Validate transaction"
- Due to a JSON limitation, the apostrophe character (‘) is not supported in the message. For example, “Bank New Transaction” is supported but “Banks’s New Transaction” will fail.
Azure Gcm Push Delivery adapterAdapter for Microsoft notification services for push-based authentication for Google Android devices.
Setting Description Azure connection string
Required
URL connection string of Microsoft Azure Notification Hub for your deployment. This URL includes the Notification Hub host.
Contact HID Global Customer Services to request a Microsoft Azure connection string for your deployment.
Hub Path
Required
Name of Microsoft Azure Notification Hub.
Contact HID Global Customer Services to request this value.
Notifications time to live (seconds)
Number of seconds (TTL or lifespan) during which the push notifications are valid and can be delivered.
By default, the value is 0 which corresponds to the Firebase Cloud Messaging (FCM) maximum validity of four (4) weeks.
If you set a time limit, repeated delivery attempts are made (as required) until the defined limit is reached.
For further information, go to https://firebase.google.com/docs/cloud-messaging/http-server-ref
Supported OS List (use | as separator)
Required
ID used to automatically select the Delivery Gateway for sending the push request message.
It is recommended that you only enter Androidin this field, instead of a list of versions.
Important: This field is mandatory and case-sensitive (that is, you must use Android). If this parameter is set to Android, then this adapter will be selected to send push notifications to all Android devices.Note: If different applications are running on the same operating system, you can define a specific delivery gateway per application. You should then use a different authentication policy for each application, and map the corresponding delivery gateway to each policy.Content of Credential messages template
Required
Content of the message sent to the user's device to prompt for service activation
By default, it is pre-populated with:
{"data":{"alert":{"title": "Activation","msg":"Touch to activate"},"prov":"{$secret}"}}
Content of Challenge messages template
Required
Content of the message sent to the user's device to prompt for validation
By default, it is pre-populated with:
{"data":{"alert":{"title": "New Transaction","msg":"Validate transaction"},"tds":"{$secret}"}}
Note:
- The proxy parameters are deprecated and should not be used. If necessary, configure a forward proxy.
- Credential messages template – is not used in this version.
- Challenge messages template − structure of the notification must be kept but the following text items can be customized and localized (see Logon/Validation Request Display Message Format):
- "New Transaction"
- "Validate transaction"
- Due to a JSON limitation, the apostrophe character (‘) is not supported in the message. For example, “Bank New Transaction” is supported but “Banks’s New Transaction” will fail.
Azure WNS Push Delivery adapterAdapter for Microsoft notification services for push-based authentication for Microsoft Windows 10 devices.
Setting Description Azure connection string
Required
URL of Microsoft Azure Notification Hub dedicated to your deployment. This URL includes the Notification Hub host.
Contact HID Global Customer Services to request an Azure connection String for your deployment.
Hub Path
Required
Name of Microsoft Azure Notification Hub.
Contact HID Global Customer Services to request this value.
Notifications time to live (seconds)
Number of seconds (TTL or lifespan) during which the push notifications are valid and can be delivered.
By default, the value is 0 which corresponds to the WNS default behavior (notification does not expire).
If you set a time limit, repeated delivery attempts are made (as required) until the defined limit is reached. For further information, go to https://docs.microsoft.com/en-us/previous-versions/windows/apps/hh465435(v=win.10)
Supported OS List (use | as separator)
Required
ID used to automatically select the Delivery Gateway for sending the push request message.
It is recommended that you only enter WINDOWS in this field, instead of a list of versions.
Important: This field is mandatory and case-sensitive (that is, you must use WINDOWS). If this parameter is set to WINDOWS, then this adapter will be selected to send push notifications to all Windows devices.Note: If different applications are running on the same operating system, you can define a specific delivery gateway per application. You should then use a different authentication policy for each application, and map the corresponding delivery gateway to each policy.Content of Credential messages template
Required
Content of the message sent to the user's device to prompt for service activation
By default, it is pre-populated with:
{"data":{"alert":{"title": "Activation","msg":"Touch to activate"},"prov":"{$secret}"}}
Content of Challenge messages template
Required
Content of the message sent to the user's device to prompt for validation
By default, it is pre-populated with:
{"data":{"alert":{"title": "New Transaction","msg":"Validate transaction"},"tds":"{$secret}"}}
Note:
- The proxy parameters are deprecated and should not be used. If necessary, configure a forward proxy.
- Credential messages template – is not used in this version.
- Challenge messages template − structure of the notification must be kept but the following text items can be customized and localized (see Logon/Validation Request Display Message Format):
- "New Transaction"
- "Validate transaction"
- Due to a JSON limitation, the apostrophe character (‘) is not supported in the message. For example, “Bank New Transaction” is supported but “Banks’s New Transaction” will fail.
- Google Push Delivery adapter
- Apple Push Notification Delivery adapter
- Windows Push Notification Delivery adapter
Support for these adapters will be removed in future ActivID Appliance versions.