Important

To be able to use transaction sealing, parameter "Transaction sealing" must be set to "yes" in the "Service parameters" of your inWebo administration console. 
If this parameter is not available/displayed in your console, please contact your sales representative at inWebo.

About "sealed data",
There is no fixed limit for the <data> parameters (containing hash values)

URL:SealVerify

https://api.myinwebo.com/FS?action=sealVerify + parameters

Mandatory parameters:

&serviceId= <id of the service> //integer
&userId=<login> //string
&token=<OTP received from the client app> //string
&data=<sealed data> //string

Optional parameters:

&format=json // allows to get the API response in json format instead of XML format

Response:

By default, response is in XML. It contains:

  • err: operation result (« OK » or « NOK:<cause> ;»)

  • name: name of the device that performed the sealing

  • alias: alias of the device that performed the sealing

  • version: version of the device that performed the sealing

  • platform: platform of the device (the one you passed to mAccess)

  • type: will be “mac” (your application developed with mAccess)

  • timestamp: timestamp of the API call

If the ID of the service set in the URL is not valid the returned error code is: « NOK:srv unknown ». If the login set is not a valid login of the service the returned error code is: « NOK:account unknown ».

Other error codes:

  • NOK:NoKey: user does not have a sealing key. This means that he has not activated your app

  • NOK:BadData: The data sealing in the OTP is different from the one sent in as an input parameter. Potential MITM.

  • NOK:FORBIDDEN: Sealing option is not authorized for your account. Contact inWebo Sales.

  • NOK: other errors

Format of XML response:

<sealVerify>
<err>Error Code</err>
<name>appname</name>
<alias>device alias</alias>
<version>app version</version>
<platform>Platform</platform>
<type>mac</type>
<timestamp>timestamp</timestamp>
</sealVerify>
XML

Format of JSON response:

{"err":"","name":"","alias":"","type":"","version":"","platform":"","timestamp":""}

sealDeferredVerify

URL:

https://api.myinwebo.com/FS?action=sealDeferredVerify + parameters

Mandatory parameters:

&serviceId= <id of the service> //integer
&userId=<login> //string
&token=<OTP received from the client app> //string
&data=<sealed data> //string

&date=<seal date> // timestamp unix (nombre de seconde depuis 01/01/1970)

Optional parameters:

&format=json // allows to get the API response in json format instead of XML format

Response:

By default, response is in XML. It contains:

  • err: operation result (« OK » or « NOK:<cause> ;»)

  • name: name of the device that performed the sealing

  • alias: alias of the device that performed the sealing

  • version: version of the device that performed the sealing

  • platform: platform of the device (the one you passed to mAccess)

  • type: will be “mac” (your application developed with mAccess)

  • timestamp: timestamp of the API call

If the ID of the service set in the URL is not valid the returned error code is: « NOK:srv unknown ». If the login set is not a valid login of the service the returned error code is: « NOK:account unknown ».

Other error codes:

  • NOK:NoKey: user does not have a sealing key. This means that he has not activated your app

  • NOK:BadData: The data sealing in the OTP is different from the one sent in as an input parameter. Potential MITM.

  • NOK:FORBIDDEN: Sealing option is not authorized for your account. Contact inWebo Sales.

  • NOK: other errors

Format of XML response:

<sealDeferredVerify>
<err>Error Code</err>
<name>appname</name>
<alias>device alias</alias>
<version>app version</version>
<platform>Platform</platform>
<type>mac</type>
<timestamp>timestamp</timestamp>
</sealDeferredVerify>
XML

Format of JSON response:

{"err":"","name":"","alias":"","type":"","version":"","platform":"","timestamp":""}