Use Your Own Authentication

After the pilot phase, an Issuing Entity will likely want to control its own binding instead of using the default OAuth scenario provided by SimplyTapp.  This page documents how to control the authentication binding entirely by yourself while still using the SimplyTapp platform.

You will need to contact SimplyTapp to receive the credentials that allow your servers to communicate with SimplyTapp and approve all authentication binding behind the scenes. Once those are in place, you can use the AdminApi set to control all aspects of creating and managing:
+Wallet mobile apps used by users
+Cards contained in wallet mobile apps

It is important to know that using the AdminApi set gives complete control to the issuing entity, and makes that entity responsible for controlling and managing the binding mechanism between the mobile device and cloud services.

Below is one way to manage this use case as an issuing entity.

The bank needs to add these services for the mobile device:


This API will receive 2 values that will allow the ST mobile libraries to:

+Get a list of cards contained under this particular key and secret pair
+Load and boot a card agent
+Disable or enable the display of a remote card


This API will add a new card to the application.  It will receive a success or fail and will affect the number of virtual cards created inside the user's card list.

Proposed logic to manage binding

The mapping table should be maintained by BANK.  BANK can generate any new App Token and App Secret by using AdminApi:

From the AdminApi document.

When GetAppAccessTokenAndSecret is called through mobilizer by the mobile app, the BANK system can check whether there is an App Token and Secret in the database and, if not, call the AdminApi CreateAppToken and then relay that app token and secret to the mobile app.  The mobile app can then use the token and secret to continue to access ST APIs to the card server.

At any time, BANK can generate a new token and secret from the CreateAppToken API to destroy the viability of the previous token.

Proposed logic to manage cards

The card mapping table should be maintained by BANK.  BANK can generate any new Card Token and Card Secret by using AdminApi:


From the AdminApi document.

When AddHCECard is called through mobilizer by the mobile app, the BANK system can call the AdminApi CreateCardToken and store the card token and secret, which are then used to connect to and manage that card through STBridge tools.

Adding a card adds it to the card list that the mobile application requests through the SimplyTapp mobile libraries.
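The binding and card logic proposed above can be sketched on the BANK side as follows. This is an added example, not SimplyTapp or AdminApi code: `StubAdminApi`, `BankBinding`, the table layout and the `app_token` parameter of `create_card_token` are assumptions, since the real AdminApi request formats are not shown on this page.

```python
import secrets
import sqlite3


class StubAdminApi:
    """Hypothetical stand-in for the AdminApi; real request formats are not shown here."""
    calls = 0

    def create_app_token(self):
        self.calls += 1
        return secrets.token_hex(16), secrets.token_hex(32)

    def create_card_token(self, app_token):  # parameter is an assumption
        self.calls += 1
        return secrets.token_hex(16), secrets.token_hex(32)


class BankBinding:
    def __init__(self, admin_api):
        self.api = admin_api
        self.db = sqlite3.connect(":memory:")  # mapping tables maintained by BANK
        self.db.execute("CREATE TABLE app_map (user_id TEXT PRIMARY KEY, token TEXT, secret TEXT)")
        self.db.execute("CREATE TABLE card_map (token TEXT PRIMARY KEY, secret TEXT, user_id TEXT)")

    def get_app_access_token_and_secret(self, user_id):
        # Reached only after BANK's own authentication has established user_id.
        row = self.db.execute(
            "SELECT token, secret FROM app_map WHERE user_id = ?", (user_id,)).fetchone()
        return row if row else self.rotate_app_token(user_id)

    def rotate_app_token(self, user_id):
        # A fresh CreateAppToken result replaces the stored pair for this user.
        token, secret = self.api.create_app_token()
        with self.db:
            self.db.execute("INSERT OR REPLACE INTO app_map VALUES (?, ?, ?)",
                            (user_id, token, secret))
        return token, secret

    def add_hce_card(self, user_id):
        app_token, _ = self.get_app_access_token_and_secret(user_id)
        card_token, card_secret = self.api.create_card_token(app_token)
        with self.db:
            self.db.execute("INSERT INTO card_map VALUES (?, ?, ?)",
                            (card_token, card_secret, user_id))
        return True  # the device sees success/fail only; the card secret stays with BANK

    def card_count(self, user_id):
        return self.db.execute(
            "SELECT COUNT(*) FROM card_map WHERE user_id = ?", (user_id,)).fetchone()[0]
```

Because the issuing entity now owns the binding, the `user_id` passed in must come from BANK's own authenticated session, never from a value the mobile app supplies unauthenticated.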

Proposed flow to add HCE card