AOTP queries - Javascript library generateOTP invocation

book

Article ID: 106153

calendar_today

Updated On:

Products

CA Rapid App Security CA Advanced Authentication CA API Gateway

Issue/Introduction



We have now concluded our proof of concept excerise around dynamic linking via the AOTP.
We have the following questions:
We were informed in previous correspondance that the correct way to generate an OTP that is linked to the transaction data was to pass in an additional parameter with a key name of P_UN. We tried this and it did not work. Looking inside the arcototp.js library we see that infact the property "un" is used, we tried the following and it appears to work:

var params = {} params["un"] = "exampleTransactionSigningData";
var passcode = arcotClient.generateOTP(account.id, password, params);

However there is no documentation supporting this. Can we have official confirmation that this is the correct way to invoke the JavaScript client library, and if not, can we have confirmation of the correct way to invoke it.

Environment

Release:
Component: WEBFRT

Resolution

Following code snippet is a valid way to pass challenge data for the OCRA Transaction Signing:-
var params = {} params["un"] = "exampleTransactionSigningData";
var passcode = arcotClient.generateOTP(account.id, password, params);