VIP AuthHub Not registering Device during IA RISK call in Postman

Article ID: 371656

Products

VIP Authentication Hub

Issue/Introduction

We are making a RISK Evaluator call to https://{{sspHost}}/{{apiPathTenant}}/iarisk/v1/UserRiskScoreEvaluator with the payload below:

{
    "identitySourceId": "<identitySourceId-optional-payload>",
    "userId": "xxxxx",
    "ipAddress": "x.x.x.x",
    "userAgent": "PostmanRuntime/7.26.5",
    "action":"SIGNIN",
    
    "keyValuePair": [
        {
            "key": "deviceSignature",
            "value": "_v02MyUgNGgYOi88OTk0emB7ZXV9Ajw7MToiJnUbAXVkZXtlbnUCPDtjY................"
        }
        
    ]
    
}

I got the response below:

{
"risky":true,
"riskScore":100,
"riskThreshold":100,
"riskReason":"Device recognition",
"eventId":"54878",
"userId":"xxxxxx",
"keyValuePair":[
{
"key":"device.registered",
"value":"false"
},
{
"key":"device.registered.reason",
"value":"Registered device not detected: unrecognized device"
},
{
"key":"device.shared",
"value":"false"
},
{
"key":"device.tag",
"value":"9896e901ef50481789dbeaaaf22883c2"
},
 
 
I made a feedback call to https://{{sspHost}}/{{apiPathTenant}}/iarisk/v1/PostUserRiskScoreEvaluator with the payload below:
 
{
    "identitySourceId": "<identitySourceId-optional-payload>",
    "userId": "xxxxx",
    "eventId": "54877",
    "riskConfirmed": false,
    "verifyMethod": "DENYRISK",
    "action": "SIGNIN",
    "rememberDevice": true,
    "keyValuePair": [
        {
            "key": "deviceSignature",
            "value": "_v02MyUgNGgYOi88OTk0emB7ZXV9Ajw7MToiJnUbAXVkZXtlbnUCPDtjY.................."
        }
    ]
}
 
Here is the response from the feedback call:
{
"userId":"xxxxx",
"eventId":"54877",
"status":"success",
"keyValuePair":[
{
"key":"device.feedback",
"value":"false"
}
],
"internalKeyValuePair":[
{
"key":"be.feedback",
"value":"true"
},
{
"key":"input.userid",
"value":"26c0ab4a-e384-40dc-86d9-31ee9d64630b"
},
{
"key":"input.vipaccount",
"value":"937ad76f-9b35-4cb2-95a5-0b3db2fe0fd8"
},
{
"key":"re.feedback.case.casestatus",
"value":"3"
},
{
"key":"re.feedback.case.id",
"value":"13418"
},
{
"key":"re.feedback.case.modifieddate",
"value":"Fri Jun 28 15:41:47 GMT 2024"
},
{
"key":"re.feedback.case.verifymethod",
"value":"DENYRISK"
},
{
"key":"re.feedback.denyrisk",
"value":"true"
},
{
"key":"re.feedback.suspiciousevent.id",
"value":"13618"
},
{
"key":"re.feedback.suspiciousevent.newstatus",
"value":"UNSUSPICIOUS"
},
{
"key":"re.feedback.suspiciousevent.oldstatus",
"value":"UNDETERMINED"
}
]
}
 
 
Now, if I make a first RISK Evaluator call to https://{{sspHost}}/{{apiPathTenant}}/iarisk/v1/UserRiskScoreEvaluator, I still get a high risk score of 100, as below. Why is the device unrecognized every time, even from the same computer with Postman etc.?
 
{
    "risky": true,
    "riskScore": 100,
    "riskThreshold": 100,
    "riskReason": "Device recognition",
    "eventId": "54883",
    "userId": "xxxxxx",
    "keyValuePair": [
        {
            "key": "device.registered",
            "value": "false"
        },
        {
            "key": "device.registered.reason",
            "value": "Registered device not detected: unrecognized device"
        },
        {
            "key": "device.shared",
            "value": "false"
        },
        {
            "key": "device.tag",
            "value": "3d37d5d98df34e45ad729147be4ef3dc"
        },
        {
            "key": "location.ip.coordinates",
            "value": "39.006,-77.429"
        },
        {
            "key": "location.ip.country.state.city",
            "value": "united states/virginia/sterling"
        }
    ],
    "rulesTriggered": [
        {
            "ruleName": "Device recognition",
            "reason": " unrecognized device. ",
            "additionalDetails": [
                {
                    "key": "deviceRegistered",
                    "value": "false"
                },
                {
                    "key": "deviceRegisteredReason",
                    "value": "Registered device not detected: unrecognized device"
                },
                {
                    "key": "deviceShared",
                    "value": "false"
                },
                {
                    "key": "deviceTag",
                    "value": "3d37d5d98df34e45ad729147be4ef3dc"
                },
                {
                    "key": "deviceIssuedRawTag",
                    "value": "3d37d5d98df34e45ad729147be4ef3dc"
                }
            ]
        }
    ]
}

Environment

VIP AuthHub 3.1.1

Resolution

When the calls are made from Postman, the device signature in the RiskEval and PostRiskEval requests is exactly the same. In a real flow, where the signature is generated by the risk SDK in the browser, the two payloads differ because the PostRiskEval signature has the device tag embedded in it. The device tag generated by the RiskEval API must be passed in the PostRiskEval device signature; the device is then trusted.

This can be tested using the SampleApp or the SDK. With Postman it is not possible unless you copy the data from a browser transaction into the API calls.
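
One way to confirm this diagnosis from captured traffic, as an added example that is not part of the original article or the vendor SDK: the function compares the bodies of one evaluator, feedback, evaluator sequence and reports the symptoms shown above. The function name, finding codes and sample bodies are assumptions made for illustration; the signature strings are constructed placeholders.

```javascript
// Added diagnostic example; not vendor code. Finding codes are hypothetical.

// Returns the value stored under `key` in a body's keyValuePair array.
function kv(body, key) {
  const hit = (body.keyValuePair || []).find((p) => p.key === key);
  return hit ? hit.value : undefined;
}

// Inspects one evaluator -> feedback -> evaluator sequence.
function diagnoseDeviceRegistration(evalReq, evalRes, feedbackReq, nextEvalRes) {
  const findings = [];
  const evalSig = kv(evalReq, "deviceSignature");
  // Same signature in both calls: it cannot contain the tag the evaluator
  // issued in between (the Postman situation described in the article).
  if (evalSig !== undefined && evalSig === kv(feedbackReq, "deviceSignature")) {
    findings.push("SIGNATURE_REUSED");
  }
  // A different device.tag on the next evaluation means a new tag was issued.
  if (kv(evalRes, "device.tag") !== kv(nextEvalRes, "device.tag")) {
    findings.push("TAG_CHANGED");
  }
  if (kv(nextEvalRes, "device.registered") !== "true") {
    findings.push("STILL_UNREGISTERED");
  }
  return findings;
}

// Constructed sample bodies; only the fields the checks read are included.
const sig = (value) => ({ keyValuePair: [{ key: "deviceSignature", value }] });
const res = (tag, registered) => ({
  keyValuePair: [
    { key: "device.registered", value: registered },
    { key: "device.tag", value: tag },
  ],
});

// Postman replay: one placeholder signature pasted into both requests,
// device tags as returned in the article's two evaluator responses.
const postmanRun = diagnoseDeviceRegistration(
  sig("SIG_PLACEHOLDER_A"), res("9896e901ef50481789dbeaaaf22883c2", "false"),
  sig("SIG_PLACEHOLDER_A"), res("3d37d5d98df34e45ad729147be4ef3dc", "false"));

// Hypothetical browser capture: feedback signature differs, tag is kept.
const browserRun = diagnoseDeviceRegistration(
  sig("SIG_PLACEHOLDER_A"), res("TAG_PLACEHOLDER", "false"),
  sig("SIG_PLACEHOLDER_B"), res("TAG_PLACEHOLDER", "true"));

console.log(postmanRun, browserRun);
```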