Account
Earned badges
Achievement: Latest Unlocked
Replies
Preferences
TID Sandbox
Topic Started
Replies Created
Reply to: How to trigger "2 Different IP Countries in 1 hour"?
Thursday, May 7, 2020 at 12:58pmReply to: How to trigger "2 Different IP Countries in 1 hour"?
Friday, May 8, 2020 at 12:13pmIn order to see the desired result, you will need to register using "objectType": "AdaptiveRegisterUserInput" attribute in your JSON payload, and then login using "objectType": "AdaptiveLoginInput".
When you call "/users/{userID@domain}/login" endpoint the second time simulating an IP from another country, like in step 6, you must receive a "riskResponseCode" attribute with a value that represent the authentication challenge associated with this type of behaviour, for example it could be '2' for "Challenge", or '23' for "ChallengeFingerprint", depending on your Risk Analytics instance setup to step up the authentication. The value for your first login should be '0' for "Accept", if you used the default request body.
Coming to the important part of your question, when you have called "/users/{userID@domain}/events/validate" to validate your login, you should have called the endpoint using "eventType": "LoginAttempt" rather than "eventType": "LoginSuccess", if you take a look into your latest events in Risk Analytics for your login attempts, you will see their event type fields are filled as "LoginAttempt" and not "LoginSuccess", so in step 7, you should have validated using "LoginAttempt" in your request. Then you will have a response body with the same "riskResponseCode" you had following your login attempt, and a "sessionStatus" as "unknown" until you have completed the required authentication.
Please note that if you chose to set up your response code to a value that requires a device to authenticate, like "ChallengeFingerprint", you will need first to activate that device to be your trusted device, otherwise you will receive '409' error code.
Please let me know how it works for you.
Reply to: How to trigger "2 Different IP Countries in 1 hour"?
Friday, May 8, 2020 at 05:39pmI am glad you reached there.
As for the latest error code you had with AdaptiveLoginInput, what seems to cause the issue is in "02-users-login-adaptive-POST_request.txt" file, "sessionID" should have been written with an uppercase D in ID.
Reply to: How to trigger "2 Different IP Countries in 1 hour"?
Friday, May 8, 2020 at 05:56pmYou are welcome. Glad that helped.
Reply to: Error Activation Orchestation Sample SDK Android
Tuesday, May 26, 2020 at 02:39pmHi Oscar,
We are trying to reproduce the issue that you described with the Orchestration SDK sample app. We will get back to you as soon as possible.
Thank you,
Hakim
Subscriptions
| Topics | Replies | Freshness | Views | Users |
|---|---|---|---|---|
I don't know if this is the right place, but... I have test installation of IAS 3.14.xx on Windows 2016. I wanna migrate it to Centos 7 and then upgrade it to 3.21 |
2 | 2 weeks ago | 234 | |
Hi, Could I have an example API call including the header for /events and /transaction events? |
4 | 9 months 4 weeks ago | 189 | |
I have created a OneSpan community account but could not get an access to the features of the Sandbox API. How can I get access to it? |
1 | 2 years 6 months ago | 77 | |
Hi OneSpan, We are going to implement app shielding for RASP. According to the app shielding document, there are several APIs for automated shielding: We have few questions for that: |
2 | 2 years 6 months ago | 268 | |
Hi, Using the Mobile Security Suite, How are the messages sent to and from the mobile application? |
1 | 2 years 6 months ago | 154 |
Hi Josh,
Could you please provide the request payload for your ../users/register API call. While you did indicated that you used LoginInput objectType to login, I need to determine which objectType you have used when you registered, in order to help you with the your inquiry. Please make sure to remove any sensitive data before submission.
Thank you!
Hakim