-
Notifications
You must be signed in to change notification settings - Fork 9
Web Socket Communication Protocol
PowerAuth Web Flow documentation has been moved to: https://developers.wultra.com/docs/develop/powerauth-webflow/Web-Socket-Communication-Protocol
Please use the new developer portal to access documentation.
Web Flow uses Web Sockets to deliver a better user experience with instant reaction of the web user interface to authorization events. This chapter describes the communication protocol.
Web Flow server uses Web Sockets to notify web frontend about complete authorization events. The Web Socket communication is initiated by a registration handshake. The client listens after registration to authorization messages delivered from the server. Web Sockets are used to provide better responsiveness over polling in authorization steps where authorization is done asynchronously.
All messages use the JSON format. Web Socket communication leverages user topics to avoid broadcasting messages to multiple clients.
Each web socket client needs to register to initiate communication with the Web Flow server using Web Sockets. During registration a webSocketId value is used. The webSocketId value is unique for each Web Socket communication and is derived from the operationId value used in Web Flow. The Web Socket sessionId is saved during registration and the mapping from webSocketId -> sessionId is kept in memory, so that later during authorization of the step an asynchronous message can be sent to a previously registered client.
The registration is initiated by the client:
CLIENT => SERVER, topic: /user/topic/registration
{
"webSocketId": "12345678"
}Synchronous response to client request is is received:
SERVER => CLIENT, topic: /user/topic/registration
{
"webSocketId": "12345678"
}Each Web Flow operation has a unique operationId which is mapped to a webSocketId from which the sessionId value is derived (the value is unique for each Web Socket session). The sessionId is used to communicate with a previously registered client who can receive a Web Socket message to get notified about completed authorization step:
SERVER => CLIENT, topic: /user/topic/authorization
{
"webSocketId": "12345678",
"authResult": "CONFIRMED"
}This message is not used for the actual authorization, it is used just as a notification of the client that authorization is complete. The client can immediately call the REST API to complete authorization of the step.
Overview
Applications
- Web Flow Server
- Next Step Server
- Data Adapter
- Mobile Token
- PowerAuth Server
- PowerAuth Admin
- PowerAuth Push Server
REST APIs
- NextStep Server REST API Reference
- Data Adapter REST API Reference
- Web Flow REST API Reference
- Mobile Push Registration API
- Mobile Token REST API Reference
Deployment
Customizing Web Flow
- Customizing Web Flow Appearance
- Implementing Data Adapter Interface
- Web Flow Configuration
- Configuring Next Step Definitions
- Customizing Operation Form Data
- Mobile Token Configuration
Technical Notes
Development
Releases