This flow describes how to initiate transaction and verify it with OTP generated in offline mobile device (possibly via scanning QR code).
Initiate offline transaction IAPI/initiateTransaction
Get OTP from mobile app
Verify CM offline transaction IAPI/verifyTransaction
Initiate offline transaction
initiate authorization from offline mobile instance
specific parameters setting:
operationType = AUTHORIZATION
type = PIN for PIN only authorization, type = ALT_SECRET for PIN and biometric authorization, type = NO_PIN for confirmation only
processingOptions.authorizationFlow = OFFLINE
processingOptions.offlineChallenge = QR to return data for QR code
used parameters:
Parameter
Description
Required
Value example
methodTypetype of used method
true
["PASSWORD","SMS","CM"]
muiduser identifier
false
cg2t1
operationTypetype of initiated transaction, deafault value is AUTHORIZATION
false
["AUTHENTICATION","AUTHORIZATION"]
tenantorganisation name, if not supplied, default value from configuration is taken
false
Monet+
typesecret that can be used for transaction verification, secrets hierarchy: PIN > ALT_SECRET > NO_PIN, stronger secret can be used always, default value is PIN
false
["PIN","NO_PIN","INFORMATION_MESSAGE","ALT_SECRET_ACTIVATION"]
processingOptions.authorizationFlowdistinguishes how the transaction can be verified, default value is ONLINE_OFFLINE
false
["ONLINE","OFFLINE","ONLINE_OFFLINE"]
transactionData.dataWYSIWYS transaction data (base64-encoded)
true
PFdZU0lXWVMgeG1sbnM9Imh0dHA6Ly9tZXAubW9uZXRwbHVzLmN6IiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB2ZXJzaW9uPSIxLjIiIHhzaTpzY2hlbWFMb2NhdGlvbj0iaHR0cDovL21lcC5tb25ldHBsdXMuY3ogbWVwX3d5c2l3eXNfMV8yLnhzZCI+DQoJPHQ+DQoJCTxsdlNwZWMgbD0iTsOhemV2IHRyYW5zYWtjZSIgbHdzPSIiIHdzPSIiPlDFmWlobMOhxaFlbsOtIGRvIGFwbGlrYWNlPC9sdlNwZWM+DQoJCTxsdiBpZD0iQVBQX0lEIiBsPSJBcGxpa2FjZSI+QkxVRTwvbHY+DQoJCTxsdiBpZD0iVFJBTlNBQ1RJT05fSUQiIGw9IklEIG9wZXJhY2UiPjE2MDcyNjAwMDAwMDA1NzwvbHY+DQoJCTxsdiBpZD0iQVBQTElDQVRJT05fTkFNRSIgbD0iTsOhemV2IGFwbGlrYWNlIj5CTFVFPC9sdj4NCgkJPGx2IGlkPSJUSU1FU1RBTVAiIGw9IkRhdHVtIGEgxI1hcyB0cmFuc2FrY2UiPjI2LjA3LjIwMTYgMTU6MjQ6MjA8L2x2Pg0KCQk8bHYgaWQ9IkNBU0VfTkFNRSIgbD0iTsOhemV2IHRyYW5zYWtjZSI+UMWZaWhsw6HFoWVuw60gZG8gYXBsaWthY2U8L2x2Pg0KCTwvdD4NCjwvV1lTSVdZUz4=
transactionData.localelanguage code according to ISO 639-1
true
cs
transactionData.templatetransformation template
true
AUTHENTICATION
REST API callback:
IAPI/initiateTransaction
POST http://${BASE_URL}/case-iapi/v1/initiateTransaction
{
"tenant": "idport",
"muid": "cg2t1",
"methodType": "CM",
"operationType": "AUTHORIZATION",
"type": "PIN",
"transactionData": {
"data": "PFdZU0lXWVMgeG1sbnM9Imh0dHA6Ly9tZXAubW9uZXRwbHVzLmN6IiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB2ZXJzaW9uPSIxLjIiIHhzaTpzY2hlbWFMb2NhdGlvbj0iaHR0cDovL21lcC5tb25ldHBsdXMuY3ogbWVwX3d5c2l3eXNfMV8yLnhzZCI+DQoJPHQ+DQoJCTxsdlNwZWMgbD0iTsOhemV2IHRyYW5zYWtjZSIgbHdzPSIiIHdzPSIiPlDFmWlobMOhxaFlbsOtIGRvIGFwbGlrYWNlPC9sdlNwZWM+DQoJCTxsdiBpZD0iQVBQX0lEIiBsPSJBcGxpa2FjZSI+QkxVRTwvbHY+DQoJCTxsdiBpZD0iVFJBTlNBQ1RJT05fSUQiIGw9IklEIG9wZXJhY2UiPjE2MDcyNjAwMDAwMDA1NzwvbHY+DQoJCTxsdiBpZD0iQVBQTElDQVRJT05fTkFNRSIgbD0iTsOhemV2IGFwbGlrYWNlIj5CTFVFPC9sdj4NCgkJPGx2IGlkPSJUSU1FU1RBTVAiIGw9IkRhdHVtIGEgxI1hcyB0cmFuc2FrY2UiPjI2LjA3LjIwMTYgMTU6MjQ6MjA8L2x2Pg0KCQk8bHYgaWQ9IkNBU0VfTkFNRSIgbD0iTsOhemV2IHRyYW5zYWtjZSI+UMWZaWhsw6HFoWVuw60gZG8gYXBsaWthY2U8L2x2Pg0KCTwvdD4NCjwvV1lTSVdZUz4=",
"locale": "cs",
"template": "AUTHENTICATION"
},
"processingOptions": {
"authorizationFlow": "OFFLINE",
"offlineChallange": "QR"
}
}
{
"status": "success",
"data": {
"caseId": "FMMcB5a72/EgYrUmoQaj5SVGSToMk3IWjCApCVlM3aNxoxVV0YfosayGHTmirmPF8ZHlHLqjvAow1wr1fJaPyfaj+uJ6plgIsIOVG6pQVdJXv3E8OeV+WKRQLz+iGeVa",
"methodSpecific": {
"qrData": "UVIyfDJ8QUM5OEUyNEV8UElOfDB8MOKUjEJMVUXilIzilIx8MHw4VEE3MUo8UMWZaWhsw6HFoWVuw60gZG8gYXBsaWthY2U8PEJMVUU8PDF8RGF0dW0gYSDEjWFzIHRyYW5zYWtjZXwyNi4wNy4yMDE2IDE1OjI0OjIwPjF8SUQgdHJhbnNha2NlfDE2MDcyNjAwMDAwMDA1Nw==",
"cipherPublicKey": "MIHfMA0GCSqGSIb3DQEBAQUAA4HNADCByQKBwQCbA+nA4Oyfe4OiFeYGRK8O02+q3ObJ3IZPhYw7SJ5ULhygpZNhIcL5X0c1c2/yHuVoD7PKmoguQUu5Jj5uRC2ovvC8+X+xPRfohrhw8IXQ/DJC8AqRifCCUWshL8qzA4NNzIDIcMG+gLstSHdcMt6+opQb7AemGPfKiWVYw8wsTI9omkfT5QeMWTGJjBD38DFTLzEua/E56lm4MKDM4rk2PxD0Va0h2aZG7T0F6RwqhM7YYLhbc9LVwr840U9/EfUCAwEAAQ=="
}
}
}
either scan QR code or enter PIN (resp. use biometrics) to get OTP from mobile application
Verify CM offline transaction
authorization of transaction identified by caseId
code is transaction verification code (OTP) obtained from mobile application (previous step)
code can be optionally encrypted with RSA methodSpecific.cipherPublicKey from IAPI/initiateTransaction
used parameters:
Parameter
Description
Required
Value example
caseIdtransaction identifier
true
41QHE14SDOdId+d+g9isQVRgpkPKRRAoYWcaLVt//BdW4VjjSf0QfEmMMPzRGo6wl1TCcx5GUtGFr8sfh315Tuj4AT/ea4sSyv9z7Tgklo2RhV9zMhDOh7bBI5vp+uPf
codetransaction verification code
false
kuxejDzuNbSh1z6VGzYqo7Bv90IpfRavzGfxBYN9yl6D549zaSawq6+Cb0RDQLUz+vpFCgPBMHs73AQO1TpkVCACO/XiDfAf6P2ad61pPlXN02+L6fARtxXcOqowuM5AdPQioV4Byo1/guSjsT/BGNL0MpIjw5NgMtpB5NNw24+2PYx+8lzZM25NPTNaylTJNXBiCL3kBV/p68hc2p4EDzSSRjgA0uTH1oNMIqyNXXPOFGCKU9RSylrBnwLpCUkq
methodTypetype of used method
true
["PASSWORD","ACTIVATION_CODE","SMS","CM","SPNEGO","TLS_CLIENT"]
muiduser identifier
true
cg2t1
tenantorganisation name, if not supplied, default value from configuration is taken
false
Monet+
REST API callback:
IAPI/verifyTransaction
POST http://${BASE_URL}/case-iapi/v1/verifyTransaction
{
"tenant": "idport",
"muid": "cg2t1",
"methodType": "CM",
"caseId": "FMMcB5a72/EgYrUmoQaj5SVGSToMk3IWjCApCVlM3aNxoxVV0YfosayGHTmirmPF8ZHlHLqjvAow1wr1fJaPyfaj+uJ6plgIsIOVG6pQVdJXv3E8OeV+WKRQLz+iGeVa",
"code": "dDSriKGGD6qpk5JcoouiTijgnmOsc2Spui93efpq3AitpZ2aL8dareDeD9n4RS4Bw0wohRGI/EzodWfv6+UQjb9XKMP/ePTmWrR92i81b2qmWqMC05GC9FaN5GhvOVju0fVu0GoexcZYWBj2AeNtkKD5lfzeg9iytBI8UXJBy39TUhp9uXFX1Mb5MDcudyokePiGiGIOK/RZ1nQF7hEFvvM9FelWulpaOju965SVd69SgRbDFGP2CtpCdQBFj1d/"
}
{
"status": "success",
"data": {
"instanceInfo": {
"@type": "cz.monetplus.idport.component.model.mobile.InstanceInfoCM",
"instanceId": "67bee9b03d13cc2b4c42ec5f9e36fd0e917cbdd6b8e2fe35f43e88937f77cf2b",
"state": "ACTIVE",
"instanceName": "LGE LG-H440n",
"lastAccess": "2020-07-30T00:23:34.600504Z",
"threatFlags": "AAAAAAAAAAA=",
"hwId": "eeb0dba54e565f99-1486128428103--121527461765273515",
"osVersion": "6.0",
"deviceModel": "LG-H440n",
"manufacturer": "LG",
"platform": "ANDROID"
}
}
}