FMoP TOTP MCF Plugin
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage

Authenticate

Start a TOTP step-up authentication cycle

Assuming a previous analyze() call returned an CHALLENGE outcome for a TOTP authentication, the next step involves invoking the challenge() FMoP API method to start the authentication cycle.

SOAP element Required Type Description
TOTP true string The OTP that was generated by the end-user’s mobile application.
correlationId false string A correlation ID used for logging/auditing purposes only. This will be written to logfiles.

Sample updateUser() SOAP request: 

<?xml version="1.0" encoding="UTF-8"?><S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header/>
  <S:Body>
    <authenticate xmlns="http://ws.csd.rsa.com" xmlns:ns2="http://totp.mcf.safearea.com.au" xmlns:ns3="http://ws.kba.csd.rsa.com" xmlns:ns4="http://ws.oobgen.csd.rsa.com" xmlns:ns5="http://trx.csd.rsa.com" xmlns:ns6="http://ws.oobsms.csd.rsa.com" xmlns:ns7="http://ws.oobbio.csd.rsa.com" xmlns:ns8="http://ws.otpmobileapp.csd.rsa.com">
      <request>
        <identificationData>
          <orgName>TOTP</orgName>
          <sessionId>7df7-:48669175981:a285a7e7||1689349963060</sessionId>
          <transactionId>6df7-:48669175981:a285a7e7_TRX</transactionId>
          <userName>167659479</userName>
          <userStatus>VERIFIED</userStatus>
          <userType>PERSISTENT</userType>
        </identificationData>
        <messageHeader>
          <apiType>DIRECT_SOAP_API</apiType>
          <requestType>AUTHENTICATE</requestType>
          <version>7.0</version>
        </messageHeader>
        <securityHeader>
          <callerCredential>*****</callerCredential>
          <callerId>test</callerId>
          <method>PASSWORD</method>
        </securityHeader>
        <credentialDataList>
          <acspAuthenticationRequestData>
            <payload xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="ns2:TOTPAuthenticationRequest">
              <ns2:TOTP>33333</ns2:TOTP>
              <ns2:correlationId>93044980380-34243274837-324734832</ns2:correlationId>
            </payload>
          </acspAuthenticationRequestData>
        </credentialDataList>
      </request>
    </authenticate>
  </S:Body>
</S:Envelope>

Sample response:

SOAP element Always present? Type Description
statusCode Yes string Refer to the FMoP API documentation. Will be set to FAIL if the incorrect OTP was provided. The FMoP own failure counter will be incremented by 1.
resultCode Yes string Value will be set to OTP_CORRECT if the correct OTP was provided. Other values indicate failure.
resultMessage Yes string A explanatory message related to the outcome of this operation.
remainingAttempts Yes long The number of remaining attempts before this TOTP instance will be suspended. 
<?xml version="1.0" encoding="UTF-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header/>
  <soapenv:Body>
    <ns1:authenticateResponse xmlns:ns1="http://ws.csd.rsa.com">
      <ns1:authenticateReturn xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="ns1:AuthenticateResponse">
        <ns1:identificationData>
          <ns1:delegated>false</ns1:delegated>
          <ns1:orgName>TOTP</ns1:orgName>
          <ns1:sessionId>7df7-:48669175981:a285a7e7||1689349963060</ns1:sessionId>
          <ns1:transactionId>6df7-:48669175981:a285a7e7_TRX</ns1:transactionId>
          <ns1:userName>167659479</ns1:userName>
          <ns1:userStatus>VERIFIED</ns1:userStatus>
          <ns1:userType>PERSISTENT</ns1:userType>
        </ns1:identificationData>
        <ns1:messageHeader>
          <ns1:apiType>DIRECT_SOAP_API</ns1:apiType>
          <ns1:requestType>AUTHENTICATE</ns1:requestType>
          <ns1:timeStamp>2023-07-15T01:52:42.485Z</ns1:timeStamp>
          <ns1:version>7.0</ns1:version>
        </ns1:messageHeader>
        <ns1:statusHeader>
          <ns1:reasonCode>0</ns1:reasonCode>
          <ns1:reasonDescription>Operations were completed successfully

</ns1:reasonDescription>
          <ns1:statusCode>200</ns1:statusCode>
        </ns1:statusHeader>
        <ns1:credentialAuthResultList xsi:type="ns1:CredentialAuthResultList">
          <ns1:acspAuthenticationResponseData>
            <ns1:acspAccountId>167659479@TOTP</ns1:acspAccountId>
            <ns1:callStatus>
              <ns1:statusCode>FAIL</ns1:statusCode>
              <ns1:statusDescription/>
            </ns1:callStatus>
            <ns1:payload xmlns:ns2="http://totp.mcf.safearea.com.au" xsi:type="ns2:TOTPAuthenticationResponse">
              <ns2:resultCode>OTP_INCORRECT</ns2:resultCode>
              <ns2:resultMessage>Incorrect TOTP - 1002</ns2:resultMessage>
              <ns2:remainingAttempts>2</ns2:remainingAttempts>
            </ns1:payload>
          </ns1:acspAuthenticationResponseData>
        </ns1:credentialAuthResultList>
        <ns1:requiredCredentialList>
          <ns1:requiredCredential>
            <ns1:credentialType>USER_DEFINED</ns1:credentialType>
            <ns1:genericCredentialType>TOTP</ns1:genericCredentialType>
            <ns1:groupName>DEFAULT</ns1:groupName>
            <ns1:preference>0</ns1:preference>
            <ns1:required>true</ns1:required>
          </ns1:requiredCredential>
        </ns1:requiredCredentialList>
      </ns1:authenticateReturn>
    </ns1:authenticateResponse>
  </soapenv:Body>
</soapenv:Envelope>