Digipass Activation Workflow with Platform API's

0 votes

I'm trying to piece all of the elements together to build workflows with your APIs, but there are some gaps in my understanding that I need to fill in. The workflows I'm trying to build are Digipass Activation and Login/Challenge/Response. I'll post my questions about the Login/Challenge/Response in another thread.

I'm using Integrating End-User Registration and Digipass Activation as a guide. While the sequence diagrams that are very helpful, I'm not able to match all of the steps to API calls.

This is what I think I have so far for the Digipass Activation workflow.

  1. Call /users/register to put the user into the system.
    * I get activationPassword, riskResponse, and serialNumber, but I don't get a registrationID. Is this expected? I think I might not need it since I get one when I call /registrations in step 3.
    * I'm not sure what to do with the activationPassword. None of the other API's I think I need for this workflow seem to require it.
  2. Call either /authenticators/{serialNumber}/generate-activation-data or /authenticators/{serialNumber}/generate-activation-message, using the serialNumber from /users/register.
    * What is the difference between /authenticators/{serialNumber}/generate-activation-data and /authenticators/{serialNumber}/generate-activation-message? When would I use one vs the other?
    * Is this where I get the deviceCode I will need to call /registrations?

  3. Call /registrations with the activationData or activationMessage from step 2 as the deviceCode and the serialNumber from step 1.
    * I'm not sure about steps 2 and 3. I believe I need to call this one to get a registrationID, but I'm not sure what I need to pass in as the deviceCode parameter. If it isn't the activationData or activationMessage from step 2, then where do I get the deviceCode?
  4. Call /visualcodes/render with the activationMessage2 as the message parameter to generate the CRONTO image.
    * Is this the correct value to use as the message parameter, or where else should I get this?
  5. Display the CRONTO image to the user through my application.
  6. Does the device become activated automatically when the user scans the CRONTO image, or do I need to poll /registrations/check-status until I get an activationStatus of "activated" and then call /registrations/{registrationID}/activate myself?


Reply to: Digipass Activation Workflow with Platform API's

1 votes


I am trying to test the same flow but i have some differences:

  1. Register user pretty much as you do
  2. In step 2 i call /authenticators/{serialNumber}/generate-activation-message
  3. The response from Step 2 is pass down to render the CRONTO image.
  4. Then i should call /registrations and put the code readed from the CRONTO image as deviceCode
  5. Make a new call to render CRONTO image using activationMessage2 returned in registrations response
  6. call /registrations/{registrationID}/activate

I attached two images showing the flow i am trying to implement

I am currently at step 3 trying to get de code from CRONTO image so i have not tested the entire flow.

Hope this will help you out!



flow 1.png59.21 KB
flow2.png57.33 KB

Reply to: Digipass Activation Workflow with Platform API's

0 votes

Hi Josh,

In order to help you with your questions, could you please provide the JSON payload for the calls, to see the registration flow that you have followed?

Thank you!



Reply to: Digipass Activation Workflow with Platform API's

0 votes

Request and response bodies for /user/register are attached.

My question is more about what workflow to follow to activate a digipass. The API sandbox lists all of the API's, but I can't find a doc that says what order I need to call them to implement specific workflows, and I have questions about what I'm supposed to pass in for some of the arguments.


Reply to: Digipass Activation Workflow with Platform API's

0 votes

Hi Josh, 

It seems that you are following an online activation flow.  For that, you won't need the DeviceCode or the /registrations endpoint call.  All you need to do for a secure activation is to enter your userID and the activationPassword that you acquired from/users/register endpoint, into the mobile app that you have the Orchestration SDK integrated to. The deviceCode will then be embedded in the orchestration command, and the device will be automatically activated in this flow.

Please notice that the activationPassword is time limited to 10 minutes after the generation.

I hope that helps


Hello! Looks like you're enjoying the discussion, but haven't signed up for an account.

When you create an account, we remember exactly what you've read, so you always come right back where you left off