Cloud Identity

IBM Verify: Custom Verification Data

Share this post:

The release of IBM Verify v2.1.1 (iOS) and v2.1.0 (Android) brings new functionality enhancing the user experience when approving or denying a transaction.

In this article I’ll show you how to send additional transaction information to IBM Verify with IBM Cloud Identity Verify (CIV).

Getting Started

CIV is predominately API driven, so we’ll be using a cURL command to create a new vertification with custom data.  You add your custom transaction attributes in the additionalData section.  So let’s assume that you’ve registered an authenticator with IBM Verify against your CIV tenant, the JSON payload we’re sending is as follows.

{
    "transactionData": {
        "message": "Thanks for dining with us, your bill came to \u20AC87.33 ",
        "originIpAddress": "192.168.222.222",
        "originUserAgent": "Mozilla Firefox 11",
        "additionalData": [
            {
                "name": "Name",
                "value": "Cantina e Cucina \ud83c\udf55"
            },
            {
                "name": "originLocation",
                "value": "Via del Governo Vecchio, 87, 00186 Roma RM, Italy"
            }
        ]
    },
    "pushNotification": {
        "message": "There is an action that needs your attention",
        "send": true,
        "sound": true
    },
    "authenticationMethods": [
        {
            "id": "22537daa-9577-4a8f-8c46-06a35df83123",
            "methodType": "signature"
        }
    ],
    "logic": "OR",
    "expiresIn": 600
}

In cURL the above payload can be represented as:

curl -X POST \
  https://yourtenant.ice.ibmcloud.com/v1.0/authenticators/0efee45b-04c4-4dea-8660-2bea6597507d/verifications \
  -H ': ' \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer gkLjS9Z7GaW1XzWy5pjGSfblEySl49GRAnH4gabc' \
  -H 'Content-Type: application/json' \
  -d '{
    "transactionData": {
        "message": "Thanks for dining with us, your bill came to \u20AC87.33 ",
        "originIpAddress": "192.168.222.222",
        "originUserAgent": "Mozilla Firefox 11",
        "additionalData": [
            {
                "name": "Name",
                "value": "Cantina e Cucina \ud83c\udf55"
            },
            {
                "name": "originLocation",
                "value": "Via del Governo Vecchio, 87, 00186 Roma RM, Italy"
            }
        ]
    },
    "pushNotification": {
        "message": "There is an action that needs your attention",
        "send": true,
        "sound": true
    },
    "authenticationMethods": [
        {
            "id": "22537daa-9577-4a8f-8c46-06a35df83123",
            "methodType": "signature"
        }
    ],
    "logic": "OR",
    "expiresIn": 600
}'

Transaction Output

You’ll find originIpAddress and originUserAgent are mandatory attributes in the payload, so ensure you source this information before invoking the /verifications API.

 

Click here to rate this article

Rate this article :

More Cloud Identity stories
By Martin Schmidt on July 11, 2019

Modernizing your B2C Portal Security – LDAP Proxy Deep Dive

In this part of our series we are taking a deeper look on how the LDAP reverse proxy works and what is needed to be done to make it work. Enable CI In this part we look at what needs to be done on the CI side and what information needs to be collected. We […]

Continue reading