Mobile SDK

iOS or Android

Security - OTP

Info: Stellantis Mobile SDK for ex Groupe PSA brands (Citroën, DS, Peugeot, Opel and Vauxhall) is not publicly available yet.

Security: OTP require the following security schemes to be valid

References: check-out 📱 Enrollment component list of APIs.

When it’s requested by this Mobile SDK, you should be able to request an OTP code.

When should I request an OTP? #

Most of the time, you don’t have to deal with OTP. However, in some cases, it’s possible that you receive the following error:

Need Strong Auth Response
1
2
3
4
5
6
7
8
9
// ERROR: 'response' object as json
{
  "transactionId": "953cfefb-bc72",
  "status": "FAILED",
  "error": {
    "code": 2302,
    "label": "Need Strong Authentication"
  }
}

In order to use Mobile SDK API you should first perform authentication.

Depending on the API, basic or device enrollment can be required.

Receive OTP code #

When you receive 2302 error, you should request an OTP code withPIN. Once is done, it will be possible to request the API that trigger the 2302 error code again.

1
2
3
4
5
6
7
pims.get("pims.authentication.otp",
  mapOf( /* parameters */
  Pair("action", "withPIN",)
  Pair("pinCode", "123456")
  )
) { message -> /* handle message */ }
1
2
3
4
5
6
7
pims.get(api: "pims.authentication.otp", 
  parameters: [
  "action": "withPIN",
  "pinCode": "123456",
  ]
) { (message) in /* handle message */ }
1
2
3
4
5
6
7
8
// representation of the `succeeded` dictionary object message as JSON
{
  "transactionId": "953cfefb-bc72",
  "status": "SUCCEEDED",
  "result": {
    "otp": "otp_code"
  }
}

false

Error 2317 & 2312 #

In case of error 2317 or 2312 when using pims.authentication.otp - withPIN, you should use "resetStep": true in the query. This action will refresh the cache and remove these errors.