Earned badges

Earned badges

Achievement: Latest Unlocked

Topic Started

This user has not created any forum posts.

Replies Created

Reply to: How to trigger "2 Different IP Countries in 1 hour"?

0 votes

Hi Josh,

Could you please provide the request payload for your ../users/register API call.  While you did indicated that you used LoginInput objectType to login, I need to determine which objectType you have used when you registered, in order to help you with the your inquiry. Please make sure to remove any sensitive data before submission.

Thank you!


Reply to: How to trigger "2 Different IP Countries in 1 hour"?

2 votes

In order to see the desired result, you will need to register using "objectType": "AdaptiveRegisterUserInput" attribute in your JSON payload, and then login using "objectType": "AdaptiveLoginInput".  

When you call "/users/{[email protected]}/login" endpoint the second time simulating an IP from another country, like in step 6, you must receive a "riskResponseCode" attribute with a value that represent the authentication challenge associated with this type of behaviour, for example it could be '2' for "Challenge", or '23' for "ChallengeFingerprint", depending on your Risk Analytics instance setup to step up the authentication.  The value for your first login should be '0' for "Accept", if you used the default request body.

Coming to the important part of your question, when you have called "/users/{[email protected]}/events/validate" to validate your login, you should have called the endpoint using "eventType": "LoginAttempt" rather than "eventType": "LoginSuccess", if you take a look into your latest events in Risk Analytics for your login attempts, you will see their event type fields are filled as "LoginAttempt" and not "LoginSuccess", so in step 7, you should have validated using "LoginAttempt" in your request.  Then you will have a response body with the same "riskResponseCode" you had following your login attempt, and a "sessionStatus" as "unknown" until you have completed the required authentication. 

Please note that if you chose to set up your response code to a value that requires a device to authenticate, like "ChallengeFingerprint", you will need first to activate that device to be your trusted device, otherwise you will receive '409' error code.

Please let me know how it works for you.

Reply to: How to trigger "2 Different IP Countries in 1 hour"?

0 votes

I am glad you reached there.

As for the latest error code you had with AdaptiveLoginInput, what seems to cause the issue is in "02-users-login-adaptive-POST_request.txt" file, "sessionID" should have been written with an uppercase D in ID.


Topics Replies Freshness Views Users


Where can I download the cddc.esm file and CDDC ModernUI Sample app (if any) ?



1 3 days 2 hours ago 10
3 1 month 1 week ago 33
3 2 months 2 weeks ago 61

In our Android application, we enabled the UserAuthenticationCallback.

2 2 weeks 3 days ago 66


I'm currently looking for API features for our Appliance 7000 Type AG7552. Is this the same API system uses as the Inteligent Adaptive Authentication?

4 3 days 10 hours ago 45

Code Share

This user has not submitted any code shares.