About Mobile SDK Authentication

General information about Mobile SDK Authentication

This document describes the SDK authentication method and the corresponding parameters for the request and the responses passed back. If a merchant develops an app of its own, this method is necessary so that secure authentication takes place via the interface, independently of the app. The authentication is based on a one-off token that is exchanged between and the merchant.

Further information about integration of the SDK can be found within GitHub repository at https://github.com/Computop.

Paymethods and integration

There you will find supported paymethods and details on integration.

There are currently two repositories existing:

Process flow chart

Documentation > Computop Mobile SDK Authentication > Process_flow_SDK_Authentisierung_CT.png

Process flow Mobile SDK Authentication

interface

Mobile SDK authentication process

High level process overview:

Mobile SDK creates authentication request to merchant’s URL endpoint
Merchant’s URL endpoint generates AuthToken and AuthLabel
Merchant’s URL endpoint calls interface with below defined parameters
Merchant’s URL endpoint receives response
Merchant’s URL endpoint responds to Mobile SDK authentication request

For the authentication request, the merchant’s endpoint should accept a POST request with Content-Type: application/json and a JSON body like this:

{

"merchantID" : <_MerchantID>

}

The Mobile SDK expects a JSON object as response from merchant’s endpoint, so merchant’s endpoint needs to create a JSON object with attributes from the response and also the generated AuthToken and AuthLabel like this:

{

"AuthToken“: <generated_token>,

"AuthLabel": <generated_label>,

“ExpiryDate”: <expiry_date_of_token>

"Description": <description_from__response>,

"Status": <status_from__response>,

"Code": <code_from__response>

}

Calling the interface

In order to register a one-off token for encryption on the merchant must transmit the following parameters to via a server-to-server connection. Enter the following URL to do this:

authtoken.aspx

Key	Format	CND	Description	Beschreibung
AuthToken	an16..56	M	Unique token generated by merchant which is used to decrypt the payment request	Eindeutiges von Händler generiertes Token, dass zur Entschlüsselung der Zahlungsanfrage verwendet wird
AuthLabel	an32..64	M	Identifier for the AuthToken used to decrypt the payment request	Bezeichner für das verwendete AuthToken zur Entschlüsselung der Zahlungsanfrage
ExpiryDate	dttm	O	End time of token validity. The maximum period of validity amounts 24 hours. If the value is not specified the token expires after 15 minutes by default.	Endzeitpunkt der Gültigkeit des Tokens. Die maximale Gültigkeitsdauer beträgt 24 Stunden. Wenn der Wert nicht angegeben ist, läuft das Token standardmäßig nach 15 Minuten ab.

Parameters for authentication request

Key	Format	CND	Description	Beschreibung
ExpiryDate	dttm	O	End time of token validity. The maximum period of validity amounts 24 hours. If the value is not specified the token expires after 15 minutes by default.	Endzeitpunkt der Gültigkeit des Tokens. Die maximale Gültigkeitsdauer beträgt 24 Stunden. Wenn der Wert nicht angegeben ist, läuft das Token standardmäßig nach 15 Minuten ab.

Response parameters for authentication request