System Integration

When integrating PowerAuth Cloud stack with the external systems, developers need to solve several typical tasks, such as device registration and operation approvals. This chapter provides a quick overview of the most typical use-cases.

Checking Registration Status

Whenever an external system needs to know the status of a mobile token registration for a given user, it can call the endpoint with registration status.

New Device Registration

To create a new registration, external systems must first request a registration code. The code is typically displayed as a QR code and scanned by the mobile token app. After the mobile token app finishes the key exchange, the external systems may proceed (they either poll the registration status to learn about the change, or receive a proactive callback) by committing the registration.

Operation Approval

There are two types of operation approvals: online (via push message) or offline (via QR code scan).

Online Operation Approval

For online operation approval, external systems must create a new operation. Our stacks takes care of the rest: push notification delivery and data deliver on the mobile device. The external systems can then either poll for the operation status, or wait for the callback from our systems.

Offline Operation Approval

The offline operation approval starts the same way as the online operation approval. The external systems create an operation, but they then request a QR code data for the operation. When the user finishes the activity on the mobile device and receives an OTP value, the external systems can validate the OTP to provide an operation approval verdict.