This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
integration:transactions [2018/05/18 11:01] 10.144.24.34 |
integration:transactions [2018/05/18 11:03] 10.144.24.34 |
||
---|---|---|---|
Line 8: | Line 8: | ||
This scenario is available for smart phones only. User must be logged in AAA Reverse Proxy. | This scenario is available for smart phones only. User must be logged in AAA Reverse Proxy. | ||
- Call AAA Reverse Proxy push transaction method (standard http request) providing confirmation text and verification level (personal factor, bio factor, no second factor) | - Call AAA Reverse Proxy push transaction method (standard http request) providing confirmation text and verification level (personal factor, bio factor, no second factor) | ||
- | Then AAA Reverse Proxy creates a request and sends it via push notification to user’s smart phone | + | * Then AAA Reverse Proxy creates a request and sends it via push notification to user’s smart phone |
- | Request is processed via PEIG <br>User confirms it and provides personal factor | + | |
- | AAA Reverse Proxy evaluates request and sends a response back to service provider applications | + | * User confirms it and provides personal factor |
+ | | ||
- Read response (JSON) and parse it | - Read response (JSON) and parse it | ||
- Evaluate success / failure: OK, User rejected, Wrong personal factor, etc. | - Evaluate success / failure: OK, User rejected, Wrong personal factor, etc. | ||
Line 26: | Line 27: | ||
- Call AAA Reverse Proxy transaction method (standard http request) providing confirmation text, return URL and verification level (personal factor, bio factor, no second factor) | - Call AAA Reverse Proxy transaction method (standard http request) providing confirmation text, return URL and verification level (personal factor, bio factor, no second factor) | ||
- Redirect to AAA Reverse Proxy transaction (must be in the same https context) | - Redirect to AAA Reverse Proxy transaction (must be in the same https context) | ||
- | Now ADUCID integration code call PEIG or display a QR code | + | Now ADUCID integration code call PEIG or display a QR |
- | Request is processed via PEIG (directly or QR scan) | + | |
- | User confirms it and provides personal factor | + | |
- | User is redirected back to application (return URL) | + | |
- | AAA Reverse Proxy writes transaction status to http header | + | |
- Now service provider has to read transaction status from http header i.e. evaluate success / failure: OK, User rejected, Wrong personal factor, etc. | - Now service provider has to read transaction status from http header i.e. evaluate success / failure: OK, User rejected, Wrong personal factor, etc. | ||