The transaction approval module exposes a REST API that allows a delegating entity to verify transactions with the user's 2nd authentication factor such as Airlock 2FA.
By delegating entity we refer to 3rd party application such as e-banking systems.
The transaction approval interface is intended to be used in an internal infrastructure. e.g. invoked from an e-banking system acting as a delegating entity on behalf of a user.
It is not intended to be exposed directly to the internet.
Transaction Approval requires a separate license bundle ("TRANSACTION APPROVAL").
The transaction approval process is organized and configured as a sequence of steps.
A typical transaction approval flow is as follows:
- 1.20.1.1. User identifying step: Identifies the user to IAM.
- 2.20.1.2. Parameter step and message providers: Send transaction detail to IAM.
- 3.20.1.3. Selection of authentication token and AuthTokenId usage (optional): If the user has multiple tokens, one must be selected for transaction approval.
- 4.20.1.4. Approval steps: An authentication token (e.g. Airlock 2FA, mTAN or Cronto) is used to send transaction details to the user and have them approved. The transaction details are formatted using a message provider.
Flow concepts
The transaction approval REST API is built on the "flow engine".
Please refer to the general documentation about flows for further information: