Introduction

Enfuce ID is used for handling authentication towards both EnfuceID’s own authentication system and as well to 3rd party authentication systems.

Common

All endpoints will respect and make use of HTTP response codes. Requests and respones are UTF-8 encoded and in a standardized JSON format described here after. A client must be able to handle cases where elements are added to either the request or response, i.e still parsing the content but not act on new elements.

Authentication towards all endpoints are using basic authentication according to RFC 7617.

For the outgoing webhook basic authentication according to RFC 7617 is the method that is supported.

Timeout must be 150 seconds. This means that a 3rd party authentication system has 150 seconds to do a callback with result of authentication. Otherwise Enfuce will respond with timeout to ACS and end user authentication will fail and the callback is invalidated. The 3rd party authentication system can send TIMEOUT as result before the 150 seconds, if they would want to have a shorter timeout.

CustomerNumber in this context is equal to customerNumber in other parts of Enfuce API.| Authentication process in order to verify a 3D Secure purchase is having the following flow within Enfuce ID:

  1. ACS receives incoming request from payment network including merchant information. End user is presented with a landing page. Landing page to be customized with font and 1 picture
  2. ACS calls EnfuceID which is Enfuce internal authentication proxy
  3. EnfuceID will forward the request and then calling 3rd party authentication system
  • Request contains a unique session id (UUID) that authentication system will report back authentication result on
  • It will also contain customer number (3rd party authentication system can if needed lookup more customer information from other parts of Enfuce API
  • EnfuceID expects a HTTP 200 OK response within 2 seconds
  1. Once 3rd party authentication system has got a result they should call the callback endpoint with the result
  2. EnfuceID forwards the result to ACS

For any questions, contact us: