Message Formats
JMS Notifications Message Format
-
JMS message for Device registration process:
After successful device registration, ActivID AS publishes the following message on JMS topic:
-
Format:
Copyaction=registration;domain=<domain>;usercode=<usercode>;deviceid=<deviceid>;response=<success/failure>
Where:
- action is
registration
for device registration. - <domain> is the ActivID AS security domain name.
- <usercode> is the user performing the device registration.
- <deviceid> is the deviceid of the device being registered.
- <response> is the result of the device registration on ActivID AS server.
- action is
-
Example:
Copyaction=registration;domain=ONLINEBANK;usercode=u5_000_00000;deviceid=11334;response=success
-
-
JMS message for operation validation process:
After an operation validation is approved or declined on a device, ActivID AS publishes the following message on JMS topic:
-
Format:
Copyaction=opvalidation; domain=<domain>;correlationid=<correlationid>;clientapprovalstatus=< accept/deny >;session=<ALSI>
usercode=<usercode>;deviceid=<deviceid>;success=<1/2>;reason=<failure reason>Where:
- action is
opvalidation
for operation validation process. - <domain> is the ActivID AS security domain name.
- <usercode> is the user performing the operation.
- <deviceid> is the deviceid of the device being used to approve or decline the operation.
- <correlationid> is the value allowing the banking application to match this message with the operation validation requested.
- <clientapprovalstatus> can be accept or deny. This corresponds to the action performed on the mobile device for this operation:
- If user approved the operation, the Clientapprovalstatus= accept
- If user declined the operation, the Clientapprovalstatus= deny
- If success=1, the server has successfully validated message signature response sent by the mobile. In this case, <reason> is not defined.
If success=2, the message signature cannot be validated by the server. In this case, <reason> provides detailed information about the reason for the failure.
- action is
-
Example:
Copyaction=opvalidation; domain=ONLINEBANK;correlationid=12345678;clientapprovalstatus=accept;
session=m8kv8gAAAVIRbDMzMLefCWWz6XWLIlGdt3HKwrGi;
usercode=u5_000_00000;deviceid=11334;success=1;reason=Reason not defined
-
HTTP Callback Notifications Message Format
The format of the messages received on the HTTP callback for Device registration:
When the cb_url and cb_notif_token parameters are present in the Device Issuance Request (see Device Issuance Request Format), then following a successful registration, the ActivID AS server will call the HTTP callback (using the URL defined by cb_url) with the json payload. For example:
{
"client_notification_token":"8d67dc78-7faa-4d41-aabd-67707b374255",
"domain": "ONLINEBANK",
"usercode": "myTestUser",
"deviceid": "11924"
}
Where:
- client_notification_token is the value defined by cb_notif_token.
- domain is the ActivID AS security domain where the device is registered.
- usercode is the user to who the device is assigned.
- deviceid is the ID (in the ActivID AS server) of the device being registered.
Logon/Validation Request Display Message Format
Messages displayed on the device, to notify the user of a logon or action request can be customized for the Apple and Android versions of the HID Approve application.
-
Define a Push Delivery Adapter that will be used specifically for Logon requests:
A default message should always be set, to address cases where the local language is not recognized:
For Android devices:
CopyMESSAGE_<language>-<COUNTRY>={"data":{"alert":{"title": "Customized title","msg":"Customized message"},"tds":"{$secret}"}}
For example:
For iOS/macOS devices:
CopyMESSAGE_<language>-<COUNTRY>={"aps":{"alert":" Customized message "},"tds":"{$secret}"}
For example:
-
Define a Push Delivery Adapter that will be used specifically for Action requests:
A default message should always be set, to address cases where the local language is not recognized (see above).
-
Assign the LOGON gateway to the AT_PASA authentication policy:
-
Assign the ACTION gateway to the AT_TDS authentication policy: