Security - OTP
Security: OTP require the following security schemes to be valid
- 🔓 Authentication
References: check-out 📱 Enrollment component list of APIs.
When it’s requested by this Mobile SDK, you should be able to request an OTP code.
When should I request an OTP? #
Most of the time, you don’t have to deal with OTP. However, in some cases, it’s possible that you receive the following error:
1
2
3
4
5
6
7
8
9
// ERROR: 'response' object as json
{
"transactionId": "953cfefb-bc72",
"status": "FAILED",
"error": {
"code": 2302,
"label": "Need Strong Authentication"
}
}
In order to use Mobile SDK API you should first perform authentication.
Depending on the API, basic or device enrollment can be required.
Receive OTP code #
When you receive 2302 error, you should request an OTP code withPIN
. Once is done, it will be possible to request the API that trigger the 2302 error code again.
1
2
3
4
5
6
7
pims.get("pims.authentication.otp",
mapOf( /* parameters */
Pair("action", "withPIN",)
Pair("pinCode", "123456")
)
) { message -> /* handle message */ }
1
2
3
4
5
6
7
pims.get(api: "pims.authentication.otp",
parameters: [
"action": "withPIN",
"pinCode": "123456",
]
) { (message) in /* handle message */ }
1
2
3
4
5
6
7
8
// representation of the `succeeded` dictionary object message as JSON
{
"transactionId": "953cfefb-bc72",
"status": "SUCCEEDED",
"result": {
"otp": "otp_code"
}
}
false
Error 2317 & 2312 #
In case of error 2317 or 2312 when using pims.authentication.otp - withPIN, you should use "resetStep": true
in the query. This action will refresh the cache and remove these errors.