Select release
Overview

Introduction

Basic Definitions

Components

Web Flow Architecture

OAuth 2.1 Integration

User’s Guide

Applications

Web Flow Server

Next Step Server

TPP Engine

Data Adapter

PowerAuth Server

PowerAuth Admin

PowerAuth Push Server

REST APIs

NextStep Server REST API Reference

Data Adapter REST API Reference

Web Flow REST API Reference

Mobile Push Registration API

Mobile Token REST API Reference

Deployment

Web Flow Installation Manual

Deploying Web Flow on JBoss / Wildfly

Database Table Structure

Migration Instructions

Docker Deployment

Customizing Web Flow

Customizing Web Flow Appearance

Implementing Data Adapter Interface

Web Flow Configuration

Configuring Next Step

Customizing Operation Form Data

Mobile Token Configuration

Technical Notes

Operation Data Structure

Off-line Signatures QR Code

Web Socket Communication Protocol

Used Push Message Extras

Development

Compilation, Packaging and Deployment

Releases

Releases

Used Push Message Extras

Edit on Github Send Feedback develop

During the Mobile Token authentication and authorization, PowerAuth Web Flow may send the following push messages to the Mobile Token app:

  • messageType (required) - message type, one of the following values:
    • mtoken.operationInit - in case a new operation was triggered
    • mtoken.operationFinished - in case the operation was finished, successfully or non-successfully
  • mtokenOperationResult (required only in case of a finished operation, messageType = mtoken.operationFinished, otherwise ignored) - this key contains more information about the operation finish result, namely one of the following values:
    • authentication.success - the operation was successfully confirmed
    • authentication.fail - the operation failed to confirm
    • operation.timeout - the operation expired
    • operation.canceled - the operation was canceled by the user
    • operation.methodNotAvailable - (rare) mobile token authentication method was removed from the user
  • operationId (required) - operation ID, in UUID format
  • operationName (required) - operation name, for example, “login” or “authorize_payment”
  • activationId (optional) - activation ID representing the activation to which the push notification was sent (if known)

Please note that push notifications work on the “best effort” principle, so applications must not rely on them. For example, apps can use notifications to respond more promptly to events on the desktop web browser (i.e., canceling the operation by clicking the “Cancel” button on the web).

Last updated on Mar 22, 2024 (00:58) Edit on Github Send Feedback
On this page:
Search

develop

PowerAuth Web Flow