IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

IBM Verify: Custom Verification Data

By Craig Pearson posted Fri April 05, 2019 12:00 AM

  
The release of IBM Verify v2.1.1 (iOS) and v2.1.0 (Android) brings new functionality enhancing the user experience when approving or denying a transaction.


In this article I’ll show you how to send additional transaction information to IBM Verify with IBM Cloud Identity Verify (CIV).

Getting Started


CIV is predominately API driven, so we’ll be using a cURL command to create a new vertification with custom data.  You add your custom transaction attributes in the additionalData section.  So let’s assume that you’ve registered an authenticator with IBM Verify against your CIV tenant, the JSON payload we’re sending is as follows.

{
    "transactionData": {
        "message": "Thanks for dining with us, your bill came to \u20AC87.33 ",
        "originIpAddress": "192.168.222.222",
        "originUserAgent": "Mozilla Firefox 11",
        "additionalData": [
            {
                "name": "Name",
                "value": "Cantina e Cucina \ud83c\udf55"
            },
            {
                "name": "originLocation",
                "value": "Via del Governo Vecchio, 87, 00186 Roma RM, Italy"
            }
        ]
    },
    "pushNotification": {
        "message": "There is an action that needs your attention",
        "send": true,
        "sound": true
    },
    "authenticationMethods": [
        {
            "id": "22537daa-9577-4a8f-8c46-06a35df83123",
            "methodType": "signature"
        }
    ],
    "logic": "OR",
    "expiresIn": 600
}


In cURL the above payload can be represented as:

curl -X POST \
  https://yourtenant.ice.ibmcloud.com/v1.0/authenticators/0efee45b-04c4-4dea-8660-2bea6597507d/verifications \
  -H ': ' \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer gkLjS9Z7GaW1XzWy5pjGSfblEySl49GRAnH4gabc' \
  -H 'Content-Type: application/json' \
  -d '{
    "transactionData": {
        "message": "Thanks for dining with us, your bill came to \u20AC87.33 ",
        "originIpAddress": "192.168.222.222",
        "originUserAgent": "Mozilla Firefox 11",
        "additionalData": [
            {
                "name": "Name",
                "value": "Cantina e Cucina \ud83c\udf55"
            },
            {
                "name": "originLocation",
                "value": "Via del Governo Vecchio, 87, 00186 Roma RM, Italy"
            }
        ]
    },
    "pushNotification": {
        "message": "There is an action that needs your attention",
        "send": true,
        "sound": true
    },
    "authenticationMethods": [
        {
            "id": "22537daa-9577-4a8f-8c46-06a35df83123",
            "methodType": "signature"
        }
    ],
    "logic": "OR",
    "expiresIn": 600
}'


Transaction Output


You’ll find originIpAddress and originUserAgent are mandatory attributes in the payload, so ensure you source this information before invoking the /verifications API.



0 comments
18 views

Permalink

https://community.ibm.com/community/user/blogs/craig-pearson1/2019/04/05/ibm-verify-custom-verification-data