Object: AuthenticationRequest
Stay organized with collections
Save and categorize content based on your preferences.
Request body
Object sent during authentication request.
Here's an example of a clear text JSON request:
{
"requestId": "375dhjf9-Uydd="
}
The AuthenticationRequest is encrypted and signed using PGP or JWE+JWS.
Further, this value is web-safe base64 encoded. This encoding is referred to below as
Base64UrlEncode. In other words, the clear text JSON version of the
AuthenticationRequest must be passed through the following functions:
Base64UrlEncode(
PGPSignAndEncrypt(
'{"requestId": "375dhjf9-Uydd="}'
)
)
or
Base64UrlEncode(
JWSignAndEncrypt(
'{"requestId": "375dhjf9-Uydd="}'
)
)
| JSON representation |
{
"requestId": string,
"associationId": string,
}
|
| Fields |
requestId |
string
REQUIRED: Identifier for this request.
|
associationId |
string
OPTIONAL: The ID that represents the association between a customer's Google Account and a customer's account with the vendor. If this authentication flow is being used to re-authenticate a user that has already gone through an Association flow, this field identifies the specific account with the vendor that the user must authenticate. This allows to ensure that the user does not (e.g.) accidentally authenticate using some other account. If this field is provided, the Payment Integrator must ensure that that the account being authenticated is tied to this associationId, and otherwise must return a failure.
|
All rights reserved. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-09-03 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-09-03 UTC."],[[["Authentication requests contain a request ID and, optionally, an association ID, within a JSON object."],["The JSON request body is encrypted and signed using either PGP or JWE+JWS for security."],["This secured data is then encoded using web-safe base64 encoding before transmission."],["The `requestId` is a required field that uniquely identifies each authentication request."],["Including the `associationId` is optional but helps link the Google Account with the vendor's customer account for re-authentication purposes."]]],["The `AuthenticationRequest` is a JSON object containing a `requestId` (required string identifier) and an optional `associationId` (string linking Google and vendor accounts). This JSON is encrypted and signed using PGP or JWE+JWS, then encoded using Base64UrlEncode. The resulting string is sent during the authentication. The Payment Integrator, if provided with an `associationId`, is responsible for validating that the account the user authenticates, is the correct account tied to the `associationId`.\n"]]