→ Updated version will be provided end of 2023
About Mobile SDK Authentication
General information about Mobile SDK Authentication
This document describes the BNP SDK authentication method and the corresponding parameters for the request and the responses passed back. If a merchant develops an app of its own, this method is necessary so that secure authentication takes place via the BNP interface, independently of the app. The authentication is based on a one-off token that is exchanged between BNP and the merchant.
Further information about integrating the SDK can be found in the GitHub repository at https://github.com/axepta.
Process flow chart
Payment platform interface
Definitions
Data formats:
Format | Description |
---|---|
a | alphabetical |
as | alphabetical with special characters |
n | numeric |
an | alphanumeric |
ans | alphanumeric with special characters |
ns | numeric with special characters |
bool | boolean expression (true or false) |
3 | fixed length with 3 digits/characters |
..3 | variable length with maximum 3 digits/characters |
enum | enumeration of allowed values |
dttm | ISODateTime (YYYY-MM-DDThh:mm:ss) |
Abbreviations:
Abbreviation | Description |
---|---|
CND | condition |
M | mandatory |
O | optional |
C | conditional |
Notice: Please note that the names of parameters can be returned in upper or lower case.
Mobile SDK authentication process
High level process overview:
- Mobile SDK creates authentication request to merchant’s URL endpoint
- Merchant’s URL endpoint generates AuthToken and AuthLabel
- Merchant’s URL endpoint calls the BNP interface with the parameters defined below
- Merchant’s URL endpoint receives BNP response
- Merchant’s URL endpoint responds to Mobile SDK authentication request
For the authentication request, the merchant’s endpoint should accept a POST request with Content-Type: application/json and a JSON body like this:
{
"merchantID" : <BNP_MerchantID>
}
The Mobile SDK expects a JSON object as response from merchant’s endpoint, so merchant’s endpoint needs to create a JSON object with attributes from the response and also the generated AuthToken and AuthLabel like this:
{
"AuthToken": <generated_token>,
"AuthLabel": <generated_label>,
"ExpiryDate": <expiry_date_of_token>,
"Description": <description_from_axepta_response>,
"Status": <status_from_axepta_response>,
"Code": <code_from_axepta_response>
}
Calling the interface
In order to register a one-off token for encryption on BNP Payment platform, the merchant must transmit the following parameters to BNP via a server-to-server connection. Use the following URL to do this:
Notice: For security reasons, Payment platform rejects all payment requests with formatting errors. Therefore please use the correct data type for each parameter.
The following table describes the encrypted payment request parameters:
Parameter | Format | CND | Description |
---|---|---|---|
MerchantID | ans..30 | M | ID of merchant. Additionally this parameter has to be passed in plain language too. |
AuthToken | an16..56 | M | Unique token generated by merchant which is used to decrypt the payment request |
AuthLabel | an32..64 | M | Identifier for the AuthToken used to decrypt the payment request |
ExpiryDate | dttm | O | End time of token validity. The maximum period of validity is 24 hours. If the value is not specified, the token expires after 15 minutes by default. |
The following table describes the Payment platform response parameters:
Parameter | Format | CND | Description |
---|---|---|---|
MID | ans..30 | M | ID of merchant |
Status | a..30 | M | OK or FAILED |
Description | ans..1024 | M | More detailed description of the values for Status and Code. Please do not use the Description but the Code parameter for the transaction status analysis! |
Code | n8 | M | Error code according to Paygate Response Codes Excel file |
ExpiryDate | dttm | M | End time of token validity. Either default value or return of the value of request. |
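The merchant endpoint's part of the flow above, as an added example that is not BNP's or the SDK's own code: it generates AuthToken and AuthLabel within the documented an16..56 and an32..64 formats, bounds ExpiryDate to the 24-hour maximum, and assembles the JSON object the Mobile SDK expects while tolerating upper- or lower-case parameter names. The function names, the hex encoding, the use of UTC and the sample platform response are assumptions; the encrypted server-to-server call itself is not shown.

```python
import re
import secrets
from datetime import datetime, timedelta, timezone

MAX_VALIDITY = timedelta(hours=24)        # documented maximum token validity
DEFAULT_VALIDITY = timedelta(minutes=15)  # documented default if ExpiryDate is omitted


def new_auth_pair():
    """Return (AuthToken, AuthLabel) drawn from the OS CSPRNG."""
    token = secrets.token_hex(28)  # 56 hex characters, within an16..56
    label = secrets.token_hex(32)  # 64 hex characters, within an32..64
    return token, label


def expiry_date(now, validity=DEFAULT_VALIDITY):
    """Format ExpiryDate as dttm, refusing lifetimes beyond the 24 hour maximum."""
    if not timedelta(0) < validity <= MAX_VALIDITY:
        raise ValueError("token validity must be above 0 and at most 24 hours")
    return (now + validity).strftime("%Y-%m-%dT%H:%M:%S")


def sdk_response(token, label, platform):
    """Build the JSON object the Mobile SDK expects from the platform response."""
    p = {k.lower(): v for k, v in platform.items()}  # names may arrive in either case
    if not re.fullmatch(r"[0-9]{8}", str(p["code"])):
        raise ValueError("Code does not match format n8")
    if p["status"] not in ("OK", "FAILED"):
        raise ValueError("Status is neither OK nor FAILED")
    return {
        "AuthToken": token,
        "AuthLabel": label,
        "ExpiryDate": p["expirydate"],
        "Description": p["description"],
        "Status": p["status"],
        "Code": p["code"],  # evaluate this, not Description, for status analysis
    }


if __name__ == "__main__":
    token, label = new_auth_pair()  # AuthToken is a secret: keep it out of logs
    requested = expiry_date(datetime.now(timezone.utc))  # UTC is an assumption
    # Constructed stand-in for the platform's answer to the server-to-server call.
    reply = {"mid": "constructed-merchant", "STATUS": "OK", "Description": "constructed",
             "code": "00000000", "ExpiryDate": requested}
    print(sdk_response(token, label, reply)["Status"])
```
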