This flow describes how to initiate and verify a PASSWORD transaction.
1. Initiate password verification (IAPI/initiateTransaction)
2. Calculate crypto with password
3. Encrypt password hash with RSA key
4. Verify PASSWORD transaction (IAPI/verifyTransaction)
Initiate password verification
Initiate a transaction for the specified muid with methodType = PASSWORD.
Parameters used:
| Parameter | Description | Required | Value example |
|---|---|---|---|
| methodType | type of used method | true | ["PASSWORD","SMS","CM"] |
| muid | user identifier | false | cg2t1 |
| operationType | type of initiated transaction, default value is AUTHORIZATION | false | ["AUTHENTICATION","AUTHORIZATION"] |
| tenant | organisation name; if not supplied, the default value from configuration is taken | false | Monet+ |
| transactionData.data | WYSIWYS transaction data (base64-encoded) | true | 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 |
| transactionData.locale | language code according to ISO 639-1 | true | cs |
| transactionData.template | transformation template | true | AUTHENTICATION |
REST API callback:
IAPI/initiateTransaction
POST http://${BASE_URL}/case-iapi/v1/initiateTransaction
{
  "tenant": "idport",
  "muid": "cg2t1",
  "methodType": "PASSWORD",
  "operationType": "AUTHENTICATION",
  "transactionData": {
    "data": "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",
    "locale": "cs",
    "template": "AUTHENTICATION"
  }
}
Response:
{
  "status": "success",
  "data": {
    "caseId": "Vn+tlfJ/sTMUMDxJmgju6qUwClhDXtSq5fcUPO0KN5kn6Ndzq6i9fNFwc5W0uvfJZZNvz2hW0dDyG20z2t97Pg2iRecBqqiLhhEcvn3ikOlgfzInEUIQOQNLUpurej3F",
    "methodSpecific": {
      "salt": "S4IA9/pt+mOclZ6bRlK48lYktaDdaAJHG16Fot6mXuA=",
      "cipherPublicKey": "MIHfMA0GCSqGSIb3DQEBAQUAA4HNADCByQKBwQCbA+nA4Oyfe4OiFeYGRK8O02+q3ObJ3IZPhYw7SJ5ULhygpZNhIcL5X0c1c2/yHuVoD7PKmoguQUu5Jj5uRC2ovvC8+X+xPRfohrhw8IXQ/DJC8AqRifCCUWshL8qzA4NNzIDIcMG+gLstSHdcMt6+opQb7AemGPfKiWVYw8wsTI9omkfT5QeMWTGJjBD38DFTLzEua/E56lm4MKDM4rk2PxD0Va0h2aZG7T0F6RwqhM7YYLhbc9LVwr840U9/EfUCAwEAAQ==",
      "algType": 2,
      "nonce": "JhcAyHHnWcA3JcWNgS2bXAerspEAN24yMmnk/KPvP7tkA4Qzf9ZxM4r5OZNpxK9D"
    }
  }
}
Calculate crypto with password
For algType = 2:
transaction verification code = sha256(sha256(salt||password)||nonce), where password is the password supplied by the user, salt is the parameter .data.methodSpecific.salt from the IAPI/activateMethod response, and nonce is the parameter .data.methodSpecific.nonce from the IAPI/initiateTransaction response.
Encrypt password hash with RSA key
The code can optionally be encrypted with the RSA key methodSpecific.cipherPublicKey from the IAPI/initiateTransaction response (if provided).
The algorithm RSA/ECB/PKCS1Padding is used for encryption, and the password hash enters encryption as a Base64 byte array.
Verify PASSWORD transaction
Verify the transaction with code = the transaction verification code calculated with cryptography in the previous step.
Parameters used:
| Parameter | Description | Required | Value example |
|---|---|---|---|
| caseId | transaction identifier | true | 41QHE14SDOdId+d+g9isQVRgpkPKRRAoYWcaLVt//BdW4VjjSf0QfEmMMPzRGo6wl1TCcx5GUtGFr8sfh315Tuj4AT/ea4sSyv9z7Tgklo2RhV9zMhDOh7bBI5vp+uPf |
| code | transaction verification code | false | kuxejDzuNbSh1z6VGzYqo7Bv90IpfRavzGfxBYN9yl6D549zaSawq6+Cb0RDQLUz+vpFCgPBMHs73AQO1TpkVCACO/XiDfAf6P2ad61pPlXN02+L6fARtxXcOqowuM5AdPQioV4Byo1/guSjsT/BGNL0MpIjw5NgMtpB5NNw24+2PYx+8lzZM25NPTNaylTJNXBiCL3kBV/p68hc2p4EDzSSRjgA0uTH1oNMIqyNXXPOFGCKU9RSylrBnwLpCUkq |
| methodType | type of used method | true | ["PASSWORD","ACTIVATION_CODE","SMS","CM","SPNEGO","TLS_CLIENT"] |
| muid | user identifier | true | cg2t1 |
| tenant | organisation name; if not supplied, the default value from configuration is taken | false | Monet+ |
REST API callback:
IAPI/verifyTransaction
POST http://${BASE_URL}/case-iapi/v1/verifyTransaction
{
  "tenant": "idport",
  "muid": "cg2t1",
  "methodType": "PASSWORD",
  "caseId": "Vn+tlfJ/sTMUMDxJmgju6qUwClhDXtSq5fcUPO0KN5kn6Ndzq6i9fNFwc5W0uvfJZZNvz2hW0dDyG20z2t97Pg2iRecBqqiLhhEcvn3ikOlgfzInEUIQOQNLUpurej3F",
  "code": "aYcztAl2Zf1IJBLLy5zhKOPqMJlZnvzaLb67imDHy01i9eI7jg2iiS1aWSUz9AoXj+VOiiIdOKVth8yE0WsBYgtRS6QC43G3K/xwX9hT0iREO07rZhCTRTgEEf/oDuralbjlI7V8Hr8A7uNPwh6xGnLe8vKKQ9Dk7W2p+NO2kSZ52+eyNDPfQ8FLlsbIBfpn/5YJHMPZOQU/4eqWp27kdk1AxZrLz2i2XUOHetBCh2imeE5xLzDq4cg3+i5xv0sA"
}
Response:
{
  "status": "success",
  "data": {
    "instanceInfo": {
      "@type": "cz.monetplus.idport.component.model.InstanceInfo",
      "instanceId": "PASSWORD:2ab8a723-c4df-4e31-b214-ed6d223b9fb1:cg2t1",
      "state": "ACTIVE",
      "instanceName": "JMTest - 2020-07-29 08-23-43.923",
      "lastAccess": "2020-07-30T00:23:44.060378Z"
    }
  }
}
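The client-side steps of this flow (algType 2 code, optional RSA encryption, IAPI/verifyTransaction body) as an added Python example; it is not code from the original page or from the product. Assumptions: salt and nonce are Base64-decoded to raw bytes before hashing, the password is UTF-8, the code is the Base64 of the final digest, salt is read from methodSpecific as in the sample response above, and all function names are hypothetical. The RSA step uses the third-party cryptography package.

```python
import base64
import hashlib


def verification_code(password, salt_b64, nonce_b64):
    """algType 2: sha256(sha256(salt || password) || nonce), Base64-encoded."""
    # Assumption: salt and nonce are Base64-decoded to raw bytes before
    # concatenation and the password is UTF-8; the page does not specify this.
    salt = base64.b64decode(salt_b64, validate=True)
    nonce = base64.b64decode(nonce_b64, validate=True)
    inner = hashlib.sha256(salt + password.encode("utf-8")).digest()
    return base64.b64encode(hashlib.sha256(inner + nonce).digest()).decode("ascii")


def encrypt_code(code_b64, cipher_public_key_b64):
    """Optional step: RSA PKCS#1 v1.5 over the Base64 bytes of the code."""
    # Third-party 'cryptography' package, imported lazily so the hash step
    # runs without it.
    from cryptography.hazmat.primitives.asymmetric import padding
    from cryptography.hazmat.primitives.serialization import load_der_public_key

    # The sample cipherPublicKey on the page is Base64 DER SubjectPublicKeyInfo.
    der = base64.b64decode(cipher_public_key_b64, validate=True)
    ciphertext = load_der_public_key(der).encrypt(code_b64.encode("ascii"), padding.PKCS1v15())
    return base64.b64encode(ciphertext).decode("ascii")


def build_verify_body(muid, case_id, method_specific, password, tenant=None):
    """Build the IAPI/verifyTransaction body from an initiateTransaction reply."""
    if method_specific.get("algType") != 2:
        raise ValueError("only algType 2 is described on the page")
    code = verification_code(password, method_specific["salt"], method_specific["nonce"])
    if method_specific.get("cipherPublicKey"):  # encrypt only if a key was provided
        code = encrypt_code(code, method_specific["cipherPublicKey"])
    body = {"muid": muid, "methodType": "PASSWORD", "caseId": case_id, "code": code}
    if tenant is not None:
        body["tenant"] = tenant
    return body


if __name__ == "__main__":
    # Constructed sample values, not taken from a real response.
    ms = {"algType": 2,
          "salt": base64.b64encode(b"constructed-salt").decode(),
          "nonce": base64.b64encode(b"constructed-nonce").decode()}
    print(build_verify_body("cg2t1", "constructed-case-id", ms, "correct horse"))
```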