FMoP TOTP MCF Plugin

Challenge

Start a TOTP step-up authentication cycle

Assuming a previous analyze() call returned a CHALLENGE outcome for a TOTP authentication, the next step is to invoke the challenge() FMoP API method to start the authentication cycle.

| SOAP element | Required | Type | Description |
|---|---|---|---|
| uniqueID | false | string | The uniqueId of the instance to be used for this authentication cycle. If not provided, the default instance will be used. |
| correlationId | false | string | A correlation ID used for logging/auditing purposes only. This will be written to logfiles. |

Sample challenge() SOAP request:

<?xml version="1.0" encoding="UTF-8"?><S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header/>
  <S:Body>
    <challenge xmlns="http://ws.csd.rsa.com" xmlns:ns2="http://totp.mcf.safearea.com.au" xmlns:ns3="http://ws.kba.csd.rsa.com" xmlns:ns4="http://ws.oobgen.csd.rsa.com" xmlns:ns5="http://trx.csd.rsa.com" xmlns:ns6="http://ws.oobsms.csd.rsa.com" xmlns:ns7="http://ws.oobbio.csd.rsa.com" xmlns:ns8="http://ws.otpmobileapp.csd.rsa.com">
      <request>
        <identificationData>
          <orgName>TOTP</orgName>
          <sessionId>7df7-:48669175981:a285a7e7||1689349963060</sessionId>
          <transactionId>6df7-:48669175981:a285a7e7_TRX</transactionId>
          <userName>167659479</userName>
          <userStatus>VERIFIED</userStatus>
          <userType>PERSISTENT</userType>
        </identificationData>
        <messageHeader>
          <apiType>DIRECT_SOAP_API</apiType>
          <requestType>CHALLENGE</requestType>
          <version>7.0</version>
        </messageHeader>
        <securityHeader>
          <callerCredential>*****</callerCredential>
          <callerId>test</callerId>
          <method>PASSWORD</method>
        </securityHeader>
        <credentialChallengeRequestList>
          <acspChallengeRequestData>
            <payload xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="ns2:TOTPChallengeRequest">
              <ns2:correlationId>93044980380-34243274837-324734832</ns2:correlationId>
            </payload>
          </acspChallengeRequestData>
        </credentialChallengeRequestList>
      </request>
    </challenge>
  </S:Body>
</S:Envelope>

| SOAP element | Always present? | Type | Description |
|---|---|---|---|
| resultCode | Yes | string | Value will be set to SUCCESS if successful. Other values indicate failure. |
| deviceName | Yes, if success | string | The device name set by the end user, if it was set. |
| uniqueID | Yes, if success | string | The uniqueId of the TOTP instance to be used for this authentication cycle. |

Sample response:

<?xml version="1.0" encoding="UTF-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header/>
  <soapenv:Body>
    <ns1:challengeResponse xmlns:ns1="http://ws.csd.rsa.com">
      <ns1:challengeReturn xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="ns1:ChallengeResponse">
        <ns1:identificationData>
          <ns1:delegated>false</ns1:delegated>
          <ns1:orgName>TOTP</ns1:orgName>
          <ns1:sessionId>7df7-:48669175981:a285a7e7||1689349963060</ns1:sessionId>
          <ns1:transactionId>6df7-:48669175981:a285a7e7_TRX</ns1:transactionId>
          <ns1:userName>167659479</ns1:userName>
          <ns1:userStatus>VERIFIED</ns1:userStatus>
          <ns1:userType>PERSISTENT</ns1:userType>
        </ns1:identificationData>
        <ns1:messageHeader>
          <ns1:apiType>DIRECT_SOAP_API</ns1:apiType>
          <ns1:requestType>CHALLENGE</ns1:requestType>
          <ns1:timeStamp>2023-07-15T01:42:49.565Z</ns1:timeStamp>
          <ns1:version>7.0</ns1:version>
        </ns1:messageHeader>
        <ns1:statusHeader>
          <ns1:reasonCode>0</ns1:reasonCode>
          <ns1:reasonDescription>Operations were completed successfully

</ns1:reasonDescription>
          <ns1:statusCode>200</ns1:statusCode>
        </ns1:statusHeader>
        <ns1:credentialChallengeList xsi:type="ns1:CredentialChallengeList">
          <ns1:acspChallengeResponseData>
            <ns1:acspAccountId>167659479@TOTP</ns1:acspAccountId>
            <ns1:callStatus>
              <ns1:statusCode>SUCCESS</ns1:statusCode>
              <ns1:statusDescription/>
            </ns1:callStatus>
            <ns1:payload xmlns:ns2="http://totp.mcf.safearea.com.au" xsi:type="ns2:TOTPChallengeResponse">
              <ns2:uniqueID>l9ggs5YI</ns2:uniqueID>
              <ns2:deviceName>Mike's phone</ns2:deviceName>
              <ns2:resultCode>SUCCESS</ns2:resultCode>
              <ns2:resultMessage>Default TOTP Instance will be used.</ns2:resultMessage>
              <ns2:remainingAttempts>3</ns2:remainingAttempts>
            </ns1:payload>
          </ns1:acspChallengeResponseData>
        </ns1:credentialChallengeList>
      </ns1:challengeReturn>
    </ns1:challengeResponse>
  </soapenv:Body>
</soapenv:Envelope>
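
The following is an added example, not code from the FMoP documentation or the plugin: one way a calling application could validate a challenge() response and fail closed before prompting the user for a TOTP code. The function and class names are hypothetical, the embedded response is a constructed, trimmed version of the sample above, and the check that the echoed sessionId, transactionId and userName match the request is an assumption of this example rather than a documented requirement.

```python
import xml.etree.ElementTree as ET
NS = {"e": "http://schemas.xmlsoap.org/soap/envelope/",
      "w": "http://ws.csd.rsa.com", "t": "http://totp.mcf.safearea.com.au"}
# Constructed sample, trimmed from the response above; S1/T1/u1 are placeholders.
SAMPLE = """<e:Envelope xmlns:e="http://schemas.xmlsoap.org/soap/envelope/"
 xmlns:w="http://ws.csd.rsa.com" xmlns:t="http://totp.mcf.safearea.com.au"><e:Body>
<w:challengeResponse><w:challengeReturn><w:identificationData>
<w:sessionId>S1</w:sessionId><w:transactionId>T1</w:transactionId>
<w:userName>u1</w:userName></w:identificationData>
<w:statusHeader><w:statusCode>200</w:statusCode></w:statusHeader>
<w:credentialChallengeList><w:acspChallengeResponseData>
<w:callStatus><w:statusCode>SUCCESS</w:statusCode></w:callStatus><w:payload>
<t:uniqueID>l9ggs5YI</t:uniqueID><t:deviceName>Mike's phone</t:deviceName>
<t:resultCode>SUCCESS</t:resultCode></w:payload></w:acspChallengeResponseData>
</w:credentialChallengeList></w:challengeReturn></w:challengeResponse></e:Body></e:Envelope>"""

class ChallengeError(Exception):
    """The challenge() response must not be acted on."""

def _text(node, path):
    found = node.find(path, NS)
    return (found.text or "").strip() if found is not None else ""

def parse_challenge_response(xml_text, sent):
    """Return the TOTP payload fields or raise ChallengeError (fail closed).
    `sent` maps sessionId/transactionId/userName to the request's values."""
    if "<!DOCTYPE" in xml_text:  # SOAP 1.1 forbids DTDs, so refuse them outright
        raise ChallengeError("unexpected DTD")
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise ChallengeError("malformed XML") from exc
    ret = root.find("e:Body/w:challengeResponse/w:challengeReturn", NS)
    if ret is None:
        raise ChallengeError("no challengeReturn")
    for field, want in sent.items():  # assumption: echoed identifiers must match
        if _text(ret, f"w:identificationData/w:{field}") != want:
            raise ChallengeError(f"{field} does not match the request")
    data = ret.find("w:credentialChallengeList/w:acspChallengeResponseData", NS)
    payload = data.find("w:payload", NS) if data is not None else None
    if (payload is None or _text(ret, "w:statusHeader/w:statusCode") != "200"
            or _text(data, "w:callStatus/w:statusCode") != "SUCCESS"
            or _text(payload, "t:resultCode") != "SUCCESS"):
        raise ChallengeError("challenge was not successful")
    unique_id = _text(payload, "t:uniqueID")
    if not unique_id:  # the page lists uniqueID as present on every success
        raise ChallengeError("uniqueID missing")
    return {"uniqueID": unique_id, "deviceName": _text(payload, "t:deviceName")}
```

The returned uniqueID identifies the TOTP instance selected for this authentication cycle; any ChallengeError should end the step-up attempt rather than fall through to a code prompt.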