Multi Factor Authentication Questions
Multi Factor Authentication Questions is a jXchange service designed to provide consumer with the multi factor authentication questions available for selection by an end consumer.
Message Flow
In jXchange, the Multi Factor Authentication Questions service uses a typical exchange of
MType
messages to provide MFA questions for an end-user to choose
from.
Primary Request
The Third Party Consumer forwards the MFAQnAPolInqRq_MType
message to the
Service Provider. The message contains:
- IMSOrgId
- QuesCnt
- QuesGroupCnt
Primary Response
The Service Provider returns the MFAQnAPolInqRs_MType
message to the Third
Party Consumer. The message contains:
- IMSOrgId
- MaxQuesVal
- MinQuesVal
- QuesCnt
- QuesGroupCnt
Multi Factor Authentication Questions Behavior
The MFAQnAPolInqRq_MType
request message optionally allows for an IMSOrgId simple element, if
needed. The default organization is the organization used in the routing of the message. The
request also optionally allows for the QuesGroupCnt and
QuesCnt simple elements for the consumer to request a grouping of MFA
questions and the number of questions to be included in each group.
A service provider with the QuesGroupCnt simple
element set to default to ~1~ returns an array wrapped in one group.
The service provider sets a default value for the QuesCnt simple
element when there is an absence from the request. The MFAQnAPolInqRs_MType
root response returns the MinQuesVal and
MaxQuesVal simple elements. The absence of any of the optional
elements conveys that those policies are not enforced. The response returns the
AuthenQuesArray_AType
array, which is an array of authentication questions.
The AuthenQuesCode is a required element.
MFAQnAPolInqRq_MType
MFAQnAPolInqRq_MType
is a message
MType
element.
Contains:
Custom_CType
MsgRqHdr_CType
Simple Elements
The following simple elements are contained within this message.
- IMSOrgId
- The identification assigned to an organization in IMS. An organization that is a financial institution entity should use the routing transit or ABA nine-digit number assigned to financial institutions for routing as assigned by the American Bankers Association. Any leading zeros must be provided for a complete routing and transit number. A non-financial institution uses a mutually agreed upon identification that must contain at least one non-integer character.
- QuesCnt
- The number of questions to be included.
- QuesGroupCnt
- The number of grouped questions.
Custom_CType
Custom_CType
is a complex CType
element.
This element is optional.
MsgRqHdr_CType
MsgRqHdr_CType
is a complex CType
element. This is the default
message request header.
Contains:
AuthenUsrCred_CType
jXchangeHdr_CType
Simple Elements
The following simple elements are contained within this complex.
- AuthenProdCred
- Authentication of the Consumer Product Credentials in the form of a WS Security element that contains a single SAML V2.0 Assertion.
AuthenUsrCred_CType
AuthenUsrCred_CType
is a complex CType
element. This element represents authentication of the end-user credentials in
the form of a WS Security element that contains a single SAML V2.0
Assertion.
Simple Elements
The following simple elements are contained within this complex.
- Security
- Defines the wsse:Security SOAP header element per section 4.
jXchangeHdr_CType
jXchangeHdr_CType
is a complex
CType
element.
Simple Elements
The following simple elements are contained within this complex.
- AuditUsrId
- The user ID that the consumer would like written in the audit as performing the requested service. It varies, but it could be the same as the user ID. It is not used to authenticate. It is used to audit the Soap Header Fault.
- AuditWsId
- The workstation ID that the consumer would like written in the audit as performing the requested service for the Soap Header Fault. It varies, but it could be the same as the user ID.
- AuthenUsrId
- The user ID which the consumer would like the service provider to authenticate with
for the Soap Header Fault. It is a user ID that the provider understands.
This element deprecates in accordance with XSD contract tenets. Effective date: 2017–01–01. The new complex element for user authentication credentials was added to both the Search Message Request Header
SrchMsgRqHdr_CType
and the Message Request HeaderMsgRqHdr_CType
. AuthenUsrId is ignored by the service providers when the authentication user credentialsAuthenUsrCred_CType
package is delivered. The expectation is that the password credentials and the user name token are provided in the authentication user credential complex element in accordance with the standards established by WS-Security. - BusCorrelId
- The correlation identification as related to business functions and activities.
- ConsumerName
- The name of the service consumer (business name) for the Soap Header Fault.
- ConsumerProd
- The name of the product which is consuming the service (business product name) for the Soap Header Fault.
- InstEnv
- An identification provided by the consumer that defines the environment in which the
institution is operating. Canonical values are:
- Prod
- InstRtId
- The identification of the entity of the submitted message. A
financial institution entity uses the routing transit or nine-digit number assigned to
financial institutions for routing as assigned by the American Bankers Association. Any
leading zeros must be provided for a complete routing and transit number. A
non-financial institution entity should use a mutually agreed upon identification that
must contain at least one non-integer character.
The element is required in all message requests.
- jXLogTrackingId
- An identification provided by jXchange to be able to trace the request and response of a message from the third-party gateway, internal gateway, and service provider for the Soap Header Fault.
- JxVer
- Contains the version jXchange is running for the Soap Header Fault.
- ValidConsmName
- The consumer name that can be validated by enterprise governance. The canonical values are managed in a consumer/product enterprise table. The canonical value is: JHA.
- ValidConsmProd
- The consumer product name that can be validated by enterprise governance. The canonical values are managed in a consumer/product enterprise table.
- WorkflowCorrelId
- The correlation identification as related to workflow functions and activities.
jXchangeHdr_CType Deprecation Details
- AuthenUserId
- This element deprecates in three years in accordance with XSD contract tenets.
Effective date: 2012–01–01. The new complex element for user authentication credentials
was added to the Search Message Request Header,
SrchMsgRqHdr_CType,
and the Message Request Header,MsgRqHdr_CType
.AuthenUsrId
is ignored by the service providers when the authentication user credentialsAuthenUsrCred_CType
package is delivered. The expectation is that the password credentials and the user name token are provided in the authentication user credential complex element in accordance with the standards established byWS-Security
.
MFAQnAPolInqRs_MType
MFAQnAPolInqRs_MType
is a message
MType
element.
Contains:
Custom_CType
GroupQuesArray_AType
MsgRsHdr_CType
Simple Elements
The following simple elements are contained within this message.
- IMSOrgId
- The identification assigned to an organization in IMS. An organization that is a financial institution entity should use the routing transit or ABA nine-digit number assigned to financial institutions for routing as assigned by the American Bankers Association. Any leading zeros must be provided for a complete routing and transit number. A non-financial institution uses a mutually agreed upon identification that must contain at least one non-integer character.
- MaxQuesVal
- The maximum number of questions that must be set by the user.
- MinQuesVal
- The minimum number of questions that must be set by the user.
- QuesCnt
- The number of questions to be included.
- QuesGroupCnt
- The number of grouped questions.
Custom_CType
Custom_CType
is a complex CType
element.
This element is optional.
GroupQuesArray_AType
GroupQuesArray_AType
is an array
AType
element. This is an array grouping of MFA questions.
Contains:
GroupQuesRec_CType
MsgRsHdr_CType
MsgRsHdr_CType
is a complex
CType
element. This is the default message response
header.
Contains:
jXchangeHdr_CType
MsgRecInfoArray_AType
jXchangeHdr_CType
jXchangeHdr_CType
is a complex
CType
element.
Simple Elements
The following simple elements are contained within this complex.
- AuditUsrId
- The user ID that the consumer would like written in the audit as performing the requested service. It varies, but it could be the same as the user ID. It is not used to authenticate. It is used to audit the Soap Header Fault.
- AuditWsId
- The workstation ID that the consumer would like written in the audit as performing the requested service for the Soap Header Fault. It varies, but it could be the same as the user ID.
- AuthenUsrId
- The user ID which the consumer would like the service provider to authenticate with
for the Soap Header Fault. It is a user ID that the provider understands.
This element deprecates in accordance with XSD contract tenets. Effective date: 2017–01–01. The new complex element for user authentication credentials was added to both the Search Message Request Header
SrchMsgRqHdr_CType
and the Message Request HeaderMsgRqHdr_CType
. AuthenUsrId is ignored by the service providers when the authentication user credentialsAuthenUsrCred_CType
package is delivered. The expectation is that the password credentials and the user name token are provided in the authentication user credential complex element in accordance with the standards established by WS-Security. - BusCorrelId
- The correlation identification as related to business functions and activities.
- ConsumerName
- The name of the service consumer (business name) for the Soap Header Fault.
- ConsumerProd
- The name of the product which is consuming the service (business product name) for the Soap Header Fault.
- InstEnv
- An identification provided by the consumer that defines the environment in which the
institution is operating. Canonical values are:
- Prod
- InstRtId
- The identification of the entity of the submitted message. A
financial institution entity uses the routing transit or nine-digit number assigned to
financial institutions for routing as assigned by the American Bankers Association. Any
leading zeros must be provided for a complete routing and transit number. A
non-financial institution entity should use a mutually agreed upon identification that
must contain at least one non-integer character.
The element is required in all message requests.
- jXLogTrackingId
- An identification provided by jXchange to be able to trace the request and response of a message from the third-party gateway, internal gateway, and service provider for the Soap Header Fault.
- JxVer
- Contains the version jXchange is running for the Soap Header Fault.
- ValidConsmName
- The consumer name that can be validated by enterprise governance. The canonical values are managed in a consumer/product enterprise table. The canonical value is: JHA.
- ValidConsmProd
- The consumer product name that can be validated by enterprise governance. The canonical values are managed in a consumer/product enterprise table.
- WorkflowCorrelId
- The correlation identification as related to workflow functions and activities.
jXchangeHdr_CType Deprecation Details
- AuthenUserId
- This element deprecates in three years in accordance with XSD contract tenets.
Effective date: 2012–01–01. The new complex element for user authentication credentials
was added to the Search Message Request Header,
SrchMsgRqHdr_CType,
and the Message Request Header,MsgRqHdr_CType
.AuthenUsrId
is ignored by the service providers when the authentication user credentialsAuthenUsrCred_CType
package is delivered. The expectation is that the password credentials and the user name token are provided in the authentication user credential complex element in accordance with the standards established byWS-Security
.
MsgRecInfoArray_AType
MsgRecInfoArray_AType
is an array
AType
element. This is an array of messages that can be
returned in a response.
Contains:
MsgRec_CType
MsgRec_CType
MsgRec_CType
is a complex
CType
element.
Simple Elements
The following simple elements are contained within this complex.
- ErrCat
- The Soap Header Fault error category.
- ErrCode
- The Soap Header Fault error code.
- ErrDesc
- The Soap Header Fault error description.
- ErrElem
- The Soap Header Fault when an error or fault occurs. This optional element contains the element which is causing the error condition.
- ErrElemVal
- The Soap Header Fault when an error or fault occurs. This optional element contains the value of the element which is causing the error condition.
- ErrLoc
- The Soap Header Fault error location. This is typically the program that generated the error condition.