Overview

Activation Steps

Cardinal wants to get you up and running with CCA as quickly and seamlessly as possible. This section of the document will outline the simple steps that are necessary in order to take advantage of Cardinal Mobile SDK..

Step 4 - Setup the Initial Call to Cardinal

Step 5 - Create a Lookup Request/Response to Centinel 

Create an API call to your backend server in order to send a Lookup Request (cmpi_lookup) to Cardinal's Centinel platform for initiating the Consumer Authentication transaction.  The Centinel platform manages all of the routing and connectivity, as well as the rules engine for all of the various 3-D Secure protocols and versions.  Please follow the Getting Started and Lookup Request/Response sections for completing your backend integration: Cardinal (cmpi) Messages 

Required Field for identifying as an SDK transaction : 

    • <DeviceChannel>SDK</DeviceChannel>
    • <DFReferenceId>ReferenceId</DFReferenceId>

ReferenceId is consumerSessionId returned on setup completion, if no referenceID is passed in serverJwt. Else you can use that referenceID as DFReferenceId

Step 6 - Handle the Centinel Lookup Response and create the Authentication Session

Step 7 - JWT Validation

Once the response JWT arrives in the onValidated, you will need to send the response JWT to your backend for verification and consumption. We recommend that any values sent to 3rd parties are sourced from the response JWT after it has been properly validated.

For security reasons, all JWT validation must be done on the server side.


For more in-depth information on JWT validation including code samples in a few languages, check out the JWT Validation page.






Overall Flow