A - Pxy - 04 - Authenware Authentication Process Manager Web Service Specification

Authenware APM API Web Service Specification
Authentication Process
Manager
Web Service Specification
Version 2.5
March 2013
Revision: 8707
Table of Contents
Contact Us...........................................................................................................2
Preface.................................................................................................................3
Typographic Conventions.....................................................................................4
Overview of Product Features..............................................................................5
APM Methods.......................................................................................................6
preValidateUser...............................................................................................6
validateUser.....................................................................................................9
validateVerificationCode................................................................................14
createPattern.................................................................................................16
getVersion......................................................................................................19
saveWorkstationLog.......................................................................................20
For More Information.........................................................................................21
Appendix I Message Codes.............................................................................22
Appendix II End User License Agreement.......................................................25
Contact Us
Copyright 2013, AuthenWare Corporation and/or its affiliates. All rights
reserved.
This software and related documentation are protected by intellectual
property laws and provided under an End User License Agreement which
contains restrictions on use and disclosure. Except as expressly permitted
in your End User License Agreement or allowed by law, you may not use,
reproduce, copy, license, translate, modify, distribute, broadcast,
transmit, publish, perform, exhibit, or display any part, in any form, by
any means. Disassembly, decompilation, or reverse engineering of this
software, unless required by law for interoperability, is prohibited.
Please click here to view the End User License Agreement.
The information contained herein is subject to change without notice and
is not warranted to be error-free. If you find any errors, please report
them to us in writing.
This software is developed for multi-factor authentication. It is not
developed or intended to be a fail-safe software authentication
application. You shall be responsible to take all appropriate measures to
secure your data and and systems. AuthenWare Corporation and its
affiliates disclaim any liability for any consequential damages caused by
the use of this software application.
This software and documentation may provide information on or access

to content, services, and products from third parties. AuthenWare
Corporation and its affiliates are not responsible for and expressly
disclaim all warranties of any kind with respect to third-party content,
services and products. AuthenWare Corporation and its affiliates will not
be responsible for any loss, costs, or damages incurred due to your
access to or use of third-party content, products, or services.
AuthenWare is a registered trademark of AuthenWare Corporation and/or
its affiliates.
If you have any questions or would like to contact us for any reason, feel
free to do so at:
support@authenware.com
Preface
Audience: This manual is intended for programmers needing
information about the Authenware Authentication Process Manager (APM)
Web Service.
Overview: This document is intended to explain the methods used in the
Authenware APM Web Service. It is not a configuration guide, nor is it a
user guide. For information outside the scope of this manual, please refer
to the Related Documents section to find a guide that better meets your
needs.
Related Documents:
A_pxy_01_Authenware Authentication Process Manager Installation
A_pxy_02_Authenware Authentication Process Manager SSL
Implementation Guide
A_pxy_03_Authenware Authentication Process Manager User Guide
A_pxy_05_Authenware Authentication Process Manager Configuration
Guide
Summary:
The Authenware APM Web Service uses six main methods:
preValidateUser, validateUser, validateVerificationCode, createPattern,

saveWorkstationLog and getVersion. These methods are explained in
detail, including information on the invocation, input parameters,
attributes, and output data.
Typographic Conventions
This document uses the following typographic conventions:
Type of Font
Used For:
Example
Consolas, 11 point,
gray
Method names
validateUser
Method invocations
String getVersion()
File names
API Client Mozilla

Firefox.js
Arial, 11 point, bold, italics,

gray
Generic labels for values value String: Value of

that must be entered or the property.
that will be returned
Arial, 11 point, bold, gray
Attribute names
name String: Names of
the fields as specified in

the administration portal.
APM Web Service Specification

Overview of Product Features
Authenware technology is a second-factor authentication method,
utilized after the user has been verified by the usual first-factor method
(such as Active Directory.) The APM Server is an open-code application
designed to facilitate integration with the Authenware Server. Based on
the User Validation Business Rules, the APM server will return the next
appropriate action. For example, if the user's biometric pattern does not
match the one stored in the Authenware Core, the next action will be to
deny access to the user. If the user is correctly validated, the next action
will be to show the user the next web page. The following diagram briefly
illustrates the process.
APM Methods
The methods detailed here are provided by the Authenware APM server.
All methods are described below, along with details regarding their
invocation, input parameters, attributes, and output data.
preValidateUser
The preValidateUser method indicates whether or not the user exists, if
the user is trained and if the user has been validated within the last N
days, where N is set in the parameter minimumTrainingFrequency. [See
Authenware Authentication Process Manager Configuration Guide].
This method also returns the category and the name of the user's
device and whether or not it is supported by the Authenware technology.
Finally, this method returns the active verification code (OTP) if any and a
list of the user's patterns, including information such as pattern name,
creation date, if trained, etc.
Invocation
PreValidateUserOut preValidateUser(User user, Field field,
Property[] properties)
Input Parameters
user User: Represents the user to be authenticated in the
Authenware Server. Each user is defined by his username (Ex. jperez)

and the number of the organization to which he belongs. This number
is reserved for future use and its value should be set to 1 (one).
Attributes:
userName String: Identifier of the user to be authenticated.
organization int: Unique identifier of the organization.
field Field: Represents the field or group of fields to be observed, and
on which the biometric pattern is constructed. It is defined through the

name of the application it belongs to, and by the field name. This
name is the one defined in the administration portal of Authenware
Server.
Attributes:
application String: Name of the application for which the user
needs to
be authenticated.
name String: Names of the fields as specified in the
administration portal.
properties Property[]: Establishes the properties necessary for the
pre-validation of the user. They could be sent and are as follows in the
table below.
Attributes:
name String: Name of the property. Must be as described in the
table
below.
value String: Value of the property.
Property (name)
Description (property value)
userEmail
E-mail address of the user to be

authenticated. The parameterized alerts
will be sent to this address.
userAgent
Browser's user agent. This will be used to

detect the user's device.
deviceCategory
Category of the user's device. The

possible values are desk, mobile,
tablet, other or unknown.
device
Name of the user's device. For example:

Apple_iPhone.
patternName
If this property is set, this method will

check if the user has a pattern trained
with this name.
Output Data
preValidateUserOut PreValidateUserOut:
result boolean: Indicates whether the pre-validate user action was
done correctly or if it has produced an error in Authenware APM or

Authenware Server.
userInformation Property[]: Represents the user information
obtained from the user pre-validation. The obtained properties are:
name String: Name of the property, as in the table below.
Statistical (name) Description (property value)

userExist
If the value of this property is true, it

means that the user is registered in
Authenware Server.
userTrained
If the value of this property is true, it

means that the user has trained his
biometric pattern.
patternName
If the property userTrained is true, this

property contains the trained pattern
name.
deviceCategory
Returns the detected category of the

user's device, based on the user agent
received from the browser. The possible
values are desk, mobile, tablet,
other or unknown.
device
Returns the detected name of the user's

device, based on the user agent received
from the browser. For example:
Apple_iPhone.
authenwareSupport If the value of this property is true, it

means that the device detected is
ed
supported by Authenware Technology.
otp
Returns the active Verification Code (OTP

One Time Password).
userPattern
Represents a user's pattern. There will be

one of these properties for each pattern
created in Authenware Server. The value
will contain the pattern's information
separated by | in the following order:
Name | Application | Field | Device
Category | Device | Creation Date | Is
Trained | Last Login Date | Last True Login
Date | True Logins | False Logins | Training
Logins | Promoted Logins | Last Reset Date
nextAction Action: Represents the next action that Authenware APM
says to do. Possible actions are as follows in the table below.
code int: Code number of the action, as in the table below.
name String: Name of the action, from the list in the table
below.
# Possible Action
Description
loginUser
Allow the user to log in to the

application without validating in
Authenware Server.
denyAccess
Deny access to the application. An

error has occurred in the prevalidation process.
requestTraining
The user does not exist or his

biometric pattern is not trained.
validateUser
The user should be validated in

Authenware Server.
messages Message[]: Contains the group of messages sent by the
Authenware APM. Each one has a code that uniquely identifies the
message and of what type it is. [See message code reference guide
(Appendix I).]
code int: Message code
message String: Message description.
type String: Indicates the possible message type: error,
warning, or info, according to its level of importance.
validateUser
The validateUser method allows the biometric validation of the user's
login, keeping in mind the user's group. It will create a user in the
Authenware Server if necessary, and will indicate that the user's pattern
needs to be trained.
It also verifies that the user's credentials have not changed since the last
valid entry; if they have changed, the method will request a retraining of
the pattern.
10
Invocation
ValidateUserOut validateUser(User user, Field field, String
signature, Property[] properties)
Input Parameters

Attributes:

Server.
Attributes:
needs to be authenticated.
name String: Names of the fields as specified in the
signature String: Authenware signature coming from the user's
interface (where the observed fields are) captured by the client's API
(Ex: API Client Mozilla Firefox.js) in JSON format.
validation of the user. They must all be sent and are as follows:
Attributes:
11
name String: Name of the property. Must be as described in the
table below.
12
Property (name)
ip
IP address of the computer on which the

authentication is being performed.
isp
Internet provider of the client being

authenticated.
securityLevel
Security level to evaluate the login. If

not specified (value = ) the value
established for the system is used.
userGroup
Group to which the user to be

authenticated belongs. It will be
validated by the Authenware APM if
indicated in the CheckGroup
parameter. [See Authenware
Authentication Process Manager
Configuration Guide]
userTrainingGroup
Mode of training group to which the user

to be authenticated belongs. It will be
used by Authenware APM to determine
the training mode. [See Authenware
Authentication Process Manager
Configuration Guide]
userPassword
Password of the user to be

authenticated. It will be used in the
LDAP authentication and it will not be
saved.
userEmail

authenticated. The OTP (one-time
password) and parameterized alerts will
be sent to this address. It is possible to
send many addresses separated by
semicolon (;)
userCellPhone
Cell phone number of the user to be

authenticated. The OTP will be sent to
this number. It is possible to send many
phone numbers separated by semicolon
(;)
credentialContainerD Current date of the server on which the

date of the user's last password change
ate
is checked. (Use the date of the domain
server in the case that the users are
managed by a Windows domain.)
Format: YYYY-MM-DD hh:mm:ss
credentialLastSet
Date of the last password change.
13

Format: YYYY-MM-DD hh:mm:ss
compressedSignature Indicates if the signature is compressed.
Authenware APM will decompress the
signatures received.
deviceCategory
Category of the user's device. The

possible values are desk, mobile,
tablet, other or unknown.
device

Apple_iPhone.
patternName

use or create a pattern with this specific
name, to validate the user.
splitOtp
Indicates if the Authenware APM should

split the Verification Code (OTP) and
send each part to the recipients
indicated in the properties, such as
userEmail and userCellPhone.
Output Data
validateUserOut ValidateUserOut:
result boolean: Indicates whether the validateUser action was done
correctly or if it has produced an error in Authenware APM or

Authenware Server.
statisticals Property[]: Represents the statistic values obtained
from the user validation. The obtained properties are as follows in the
table below.
14

qpr
Quality of Personal Record, indicates the

quality of the biometric pattern
rate
Trust Identity Rate of the current login
remainingSignatur Number of logins left to complete the

biometric pattern.
es
patternName
Biometric pattern used in this user

validation process.
otp
Returns the active Verification Code (OTP

One Time Password).
nextAction Action: Represents the next action that Authenware APM
says to do. Possible actions are as follows in the table below.
name String: Name of the action, as in the table below.
15
# Possible Action
Description
loginUser
Allow the user to log in to the

application.
denyAccess
Deny access to the application.
requestVerificationCode Request the verification code

(OTP), which was sent to the user.
requestTraining
Request training, allowing the user

to decide if he wants to use
progressive or quick.
requestQuickTraining
Request quick training. The user

may stop the training even if he
hasn't completed it.
requestForceQuickTraini Request quick training. The user

may not stop the training until it is
ng
complete.
requestAlternateValidat Request an alternate validation

method. This occurs when you set
ionMethod
the parameter
UseOtpForExceededNumberAtte
mptsAllowed = false.
messages Message[]: Contains the group of messages sent by

(Appendix I).]
code int: Message code
Note: the data included in statisticals will not be returned in the case
that the next action is of the type requestVerificationCode.
16
validateVerificationCode
When someone tries to enter the system with the correct credentials (Ex.
correct username and password) but their biometric pattern is not
correct, the Authenware APM (through the validateUser method) will
deny access and he will have to try again.
If the user accumulates N false tries (N is the parameter
NumberOfFailuresAllowed [See Authenware Authentication Process Manager
Configuration Guide]), Authenware APM sends an OTP (one-time

password) which will have to be validated through the method
validateVerificationCode.
Invocation
ValidateVerificationCodeOut validateVerificationCode (User
user, Field field, String code)
Input Data

Attributes:

Server.
Attributes:
17
name String: Name of the field as specified in the
code String: Alphanumeric code (OTP or One-Time Password) that
must be validated.
Output Data
ValidateVerificationCodeOut ValidateVerificationCodeOut:
result boolean: Indicates whether the action of validating the
verification code was done correctly or if it has produced an error in

Authenware APM or Authenware Server.
statisticals Property[]: Represents the statistic values obtained from
the user validation. In the case that the correct validation code was
entered, the obtained properties are:

qpr
Quality of Personal Record, indicates the

quality of the biometric pattern.
rate
Trust Identity Rate of the current login.
remainingSignatur Number of logins left to complete the

biometric pattern.
es
patternName
Biometric pattern used in this user

validation process.
nextAction Action: Represents the next action that Authenware says
to do. Possible actions are as follows in the table below.
18
# Possible Action
Description
loginUser
Allow the user to login to the

application.
denyAccess
requestTraining
Request training, allowing the

user to decide if he wants to use
progressive or quick.
requestQuickTraining
Request quick training. The user

may stop the training even if he
hasn't completed it.
requestForceQuickTraini Request quick training. The user

may not stop the training until it
ng
is complete.
requestNewPattern
Request that the user create a

new biometric pattern.
(Appendix I).]
code int: Message code.

createPattern
This method is used to create a complete or partial biometric pattern, or
a completely new pattern for those users who already had an established
pattern.
19
Invocation
CreatePatternOut createPattern (User user, Field field,
String[] signatures, Property[] properties)
Input Data
user User: Represents the user who wants to create a pattern. Each
user is defined by his username (Ex. jperez) and the number of the
organization to which he belongs. This number is reserved for future
use and its value should be set to 1 (one).
Attributes:

Server.
Attributes:
name String: Name of the field as specified in the
signature String[]: Group of Authenware signatures coming from the
user's interface (where the observed fields are) captured by the

client's API (Ex: API Client Mozilla Firefox.js) in JSON format.
This is a list of signatures (since the pattern is formed from a set.) The
number of necessary signatures is defined in the PatternSetSize
parameter [See Authenware Authentication Process Manager
Configuration Guide]. For the first pattern, the number of signatures
sent may be less than the number defined in the parameter, but from
the second pattern on, the complete set of signatures should be sent.
20

creation of the pattern. All must be sent, and are as follows in the
table below.
Attributes:
Property (name)
ip
IP address of the computer on which the

authentication is being performed.
isp
Internet provider of the client being

authenticated.
securityLevel
Security level to evaluate the login. If not

specified (value = ) the value
established for the system is used.
userEmail

authenticated. The parameterized alerts
will be sent to this address.
userPassword
Password of the user to be authenticated.

It will be used in the LDAP authentication
and it will not be saved.
compressedSignat Indicates if the signature is compressed.

Authenware APM will decompress the
ure
signatures received.
deviceCategory
Category of the user's device. The possible

values are desk, mobile, tablet,
other or unknown.
device

Apple_iPhone.
patternName

create a pattern with this specific name, to
validate the user.
Output Data
createPatternOut CreatePatternOut:
result boolean: Indicates whether the action of creating the pattern
21

was done correctly or if it has produced an error in Authenware APM or
Authenware Server.
nextAction Action: Represents the next action that Authenware says
to do. Possible actions are as follows in the table below.
# Next Action
Description
loginUser
Allow the user to login to the

application.
denyAccess
(Appendix I).]
getVersion
This method allows you to find out with which version of Authenware APM
you are interacting.
Invocation
String getVersion()
22
Output Data
version String: Indicates the version of Authenware APM.
The returned chain is of the type Authenware APM Server Version

2.5.0 - Rev. 8679
saveWorkstationLog
This method is used to save the logs generated in workstations to the the
Authenware APM Server database.
Invocation
SaveWorkstationLogOut saveWorkstationLog(String
workstationIp, String workstationLog)
Input Data
workstationIp String: IP address of the workstation to which the log
belongs.
workstationLog String: Contains log's entries. Each one should have
the next fields separated by _ :

Attributes:
Date String [YYYY-MM-DD hh:mm:ss]: Date from log entry.
Type String: Indicates the possible log entry type: error,
Code Integer: Log entry code
User String: Represents the user who wants to login.
For Example: 2009-01-01 15:05:00_error_20004_user is not included in

Authenware groups. The Authenware Server will not check the current
login_jperez
23
Output Data
saveWorkstationLogOut SaveWorkstationLogOut:
result boolean: Indicates whether the action of saving workstation
logs was done correctly or if it has produced an error in the

Authenware APM Server or the Authenware Core.
messages Message[]: Contains the group of messages sent by the
Authenware APM Server. Each one has a code that uniquely identifies
the message and of what type it is. [See message code reference
guide later in this document.]
For More Information

This manual is solely intended to provide information regarding
Authenware's Authentication Process Manager Web Service. If you require
more information than was provided in this guide, please see the
Related Documents section to find a document that better meets your
needs.
24
Appendix I Message Codes
25

Authenware SERVER
26
CODE
TYPE
ERROR
1001
1002
1003
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010
4012
4013
4014
4015
4016
4023
4030
4031
4032
4033
4034
4035
4036
4040
4041
MESSAGE
Error while parsing object AuthenwareSignature.

The user doesn't have enough logins to be able to deliver
WARNIN
a certain response. The trust identity rate should not be
G
considered.
User needs <number> logins more to complete the
INFO
pattern.
Error while parsing the dates in pattern validity process.
ERROR
The correct format is yyyy-mm-dd hh:mm:ss.
The data capture is not consistent, the keyup and
ERROR
keydown events don't match.
The number of captured events doesn't match with the
ERROR
pattern.
ERROR Error while getting biometric pattern.
There is an error while inserting the login record in
ERROR
LoginDAO class.
The user <user> of the organization <organization> is not
ERROR
registered in Authenware.
ERROR The user <user> couldnt be created on the database.
ERROR Parameter error, <parameter> doesn't have a value.
ERROR Parameter error, parameters container not found.
The application <application> doesnt exist in the
ERROR
Authenware database.
The field <field> of the application <application> doesnt
ERROR
exist in the Authenware database.
The data captured is not consistent; the number of keys
ERROR
do not match.
ERROR The user name can not be empty.
ERROR The user name can not be blank.
ERROR The organization code can not be 0.
ERROR One of the fields doesnt have any captured event.
ERROR Error checking user: <error>
ERROR The application <application> couldnt be created.
The application <application> couldnt be created, the
ERROR
identifier or name is duplicated.
ERROR The application name can not be empty.
ERROR The application name can not be blank.
The security level <security level> for the application
ERROR
<application> is not a valid level.
ERROR The application <application> could not be deleted.
The application <application> doesnt exist in the
ERROR
Authenware database.
ERROR The field <field> could not be created.
The field <field> could not be updated, identifier
ERROR duplicated or the field of the client for the application was
already entered.
27

4042
4043
4045
4060
4061
4084
4500
4710
5000
6001
ERROR
ERROR
ERROR
ERROR
ERROR
ERROR
ERROR
ERROR
ERROR
WARNIN
G
6002
ERROR
8000
8001
8002
ERROR
ERROR
ERROR
8003
ERROR
8004
ERROR
8005
ERROR
9010
ERROR
9020
ERROR
9022
ERROR
The client field can not be empty.

The client field can not be blank.
The field <field> could not be deleted.
The Login register can not be updated.
The user and the field can't be empty.
The requested user doesnt have a pattern.
Authenware unknown error: <error>.
The security level <security level> is not a valid level.
Failed to locate the service: <error>.
It was promoted by gray zone by pattern <pattern>.
It was denied because the biometric record seems to be a
fraud.
License Validation: Error parsing the license file.
The time defined at the license was expired.
The number of users defined for the license was exceeded.
The number of applications defined for the license was
exceeded.
The number of organizations defined for the license was
exceeded.
The number of transactions defined for the license was
exceeded.
Error while accessing to Authenware W.R.A.P. Server.
Error while getting Signature from Authenware W.R.A.P.
Server.
Error creating the new pattern <pattern>; another pattern
with this name already exists.
Authenware APM SERVER

CODE
TYPE
10001
10002
10003
10004
10006
10007
10008
INFO
INFO
INFO
INFO
WARNIN
G
ERROR
ERROR
ERROR
10009
ERROR
10010
ERROR
10005
MESSAGE
The user will be controlled by Authenware Server.
The user did not exist in Authenware Server.
The user was created in Authenware Server successfully.
The user will not be controlled by Authenware Server.
The user should train again because his credentials were
modified.
The verification code is incorrect.
The number of signatures is incorrect.
Error while accessing the Authenware Server service.
Error initializing the Authenware APM Server. Please check
the parameter file, database connection and Core
connection.
Error while creating the user.
28

10011
10012
10013
10014
10017
10018
10019
10020
ERROR
ERROR
ERROR
ERROR
WARNIN
G
WARNIN
G
ERROR
ERROR
ERROR
ERROR
10021
INFO
10022
10023
10024
10025
10026
10027
ERROR
ERROR
ERROR
ERROR
ERROR
ERROR
10028
ERROR
10029
10030
ERROR
ERROR
10031
ERROR
10032
ERROR
10033
10034
10035
10036
10037
10038
10039
10040
10041
10099
ERROR
ERROR
ERROR
ERROR
ERROR
ERROR
ERROR
ERROR
ERROR
ERROR
10015
10016
Error while validating the signature.

Error while resetting the pattern.
Error while verifying if the pattern is ready.
Error while creating a new pattern.
The user could login, but his QPR is lower than the
established limit.
User exceeded the number of attempts allowed.
Error while checking validity of user credentials.
The Authenware Server URL is incorrect.
Error in connecting with Authenware Server.
Error while refreshing the parameters.
The verification code (One Time Password) was sent to the
user.
Error while saving workstation's log
Error while parsing log
The SMS Server URL is incorrect.
Error in connection with SMS Server.
Error while validating user in the Directory Services.
The user will be validated in the Directory Services.
The user credentials are not valid in the Directory
Services.
The user does not have data in the Directory Services.
There are not data (email or cellphone) to send the OTP.
The user should train again, because his QPR is lower than
the established limit.
Error while getting the time of Credential Server using
SNTP.
Error decompressing the signature.
Error checking the training frequency.
The user can not be blank.
The field and the application can not be blank.
Error creating/getting APM session.
Error creating/getting one time password (OTP).
Error detecting device.
Error obtaining user's patterns.
The signature can not be blank.
Authenware APM unknown error: <error>.
29
Appendix II End User License Agreement

Authenware End User Software License
Agreement
This End User License Agreement governs the use of any of the versions of Authenware software and any
related updates and/or upgrades regardless of the delivery mechanism.
1.
License Grant. Subject to the terms and conditions of this Agreement, Licensor hereby grants to
Licensee the right to use the Authenware software (the Software) solely for the internal business uses of
Licensee, and not for resale, redistribution or use in operating a service bureau or otherwise providing
business process management services to any third party.
2.
Ownership by Licensor. Licensor (or its licensors) shall own all right, title, interest and in (a) the
Software, including all business process templates developed solely by Licensor (and/or its contractors) or
jointly by Licensor (and/or its contractors) and Licensee, (b) the following materials provided or developed by
Licensor during the course of this Agreement or any Statement of Work thereunder: Software specifications,
operating instructions, pricing terms, training materials, user documentation, custom code, integrations,
system requirements, user interface code or templates, software specifications, software, and drafts of the
foregoing (the Other Licensor Materials), (c) all trade secrets, patents, trade marks, service marks,
copyrights, trade dress, inventions, know how, applications to register any of the foregoing and other
proprietary rights (Intellectual Property Rights) in the foregoing, and (d) any modifications or derivative
works thereof and any copies of the foregoing. All suggestions, solutions, improvements, corrections, and
other contributions provided by Licensee regarding the Software or the Other Licensor Materials shall become
the property of Licensor (or its licensors) and Licensee hereby agrees to assign any such rights to Licensor.
3.
Copies. Licensee agrees not to make any copies of the Software, except that it may make one copy
of the Software for backup and archive purposes. Licensee shall keep and maintain complete and accurate
records of each copy made of the Software and provide such records to Licensor upon request.
4.
Restrictions. Licensee will not: (a) except as explicitly allowed under this Agreement, copy, edit,
modify, adapt, translate, port, reproduce (except as necessary for installation), distribute, transfer, lend, sell,
sub-license, assign or otherwise transfer any of the Software, any component thereof, or any output generated
by the Software; (b) prepare any derivative work based upon the Software or any component thereof; (c)
reverse engineer, disassemble or decompile the Software or any component thereof, or attempt to discover or
disclose the source code of the Software or any component thereof; (d) encumber, time-share, rent or lease the
rights granted by Licensor under this Agreement; (e) remove, obscure, or alter any notice of Licensors (or its
licensors) intellectual property rights present on or in the Software or any component thereof; (f) use the
Software or any component thereof for any purpose not authorized or contemplated under this Agreement or
in violation of any express prohibition set forth elsewhere in this Agreement, including the exhibits hereto or
policies reference herein; or (g) authorize or permit any person or entity to do any of the foregoing; or (h) use,
or permit an Licensee to use, the Software sub-licensed for a particular Licensee for the benefit of any party
other than such Licensee or for any process other than for the specific process was sub-licensed.
5.
Confidentiality
5.1
Definition. For purposes of this Agreement, the following information shall be considered
Confidential Information: any and all (i) technical and non-technical information including but not limited
to patent, trade secret and proprietary information, techniques, sketches, drawings, models, inventions, knowhow, processes, apparatus, equipment, computer code and algorithms related to either party, and (ii)
30

information relating to marketing plans, business opportunities, personnel, research, development or knowhow. The Software and Other Licensor Materials shall be considered the Confidential Information of
Licensor.
5.2
Treatment of Confidential Information. Each party (the Receiving Party) agrees (i) to use
commercially reasonable efforts to protect the Confidential Information of the disclosing party (the
Disclosing Party) and (ii) that it will not and will ensure that its employees, will not use, disseminate or in
any way disclose any Confidential Information of the Disclosing Party to any person, firm or business, except
as specifically authorized in this Agreement or for any purpose the Disclosing Party may hereafter authorize in
writing. The Receiving Party agrees to disclose the Confidential Information of the Disclosing Party only to
those employees who have a need to know.
5.3
Exceptions. The restrictions set forth in this Section 5 will not apply to any information that the
Receiving Party can demonstrate: (a) was known by the Receiving Party without an obligation of
confidentiality, prior to disclosure by the Disclosing Party; (b) was in or entered the public domain through no
fault of the Receiving Party; (c) is disclosed to the Receiving Party without an obligation of confidentiality; or
(d) is independently developed by the Receiving Party without reference to any Confidential Information of
the Disclosing Party. A party shall not be in violation of this Section 5 if it discloses Confidential Information
demanded by a lawful order from any court or any body empowered to issue such an order, provided that the
Receiving Party notifies the Disclosing Party promptly of the receipt of any such order, provides the
Disclosing Party with a copy of such order, and, if requested by the Disclosing Party, uses good faith efforts to
limit or obtain confidential treatment with respect to information disclosed pursuant to such order.
5.4
No Conveyance of Ownership. Nothing in this Agreement shall be construed to convey any title or
ownership rights to the Confidential Information of the Disclosing Party or to any Intellectual Property Rights
therein or grant any other right, title, or ownership interest to the Disclosing Party Confidential Information
except as may be provided by this Agreement.
6.
Limited Warranty.
6.1
Performance. Licensor warrants that the Software, standing alone without use in combination or
conjunction with any third party software or apparatus, will perform substantially in accordance with the
applicable specifications included in the Other Licensor Materials for a period of thirty (30) days following
delivery. This warranty shall be rendered null and void if the failure of the Software has resulted from an
accident, abuse, or misapplication caused by Licensee. Licensors entire liability and Licensees exclusive
remedy under this warranty is to repair or replace the Software which does not meet the warranties contained
in this Section 6. Any replacement of the Software shall be warranted for the remainder of the original
warranty period. Licensors warranty obligations shall not apply: (a) if the Software has not been installed in
accordance with the installation instructions provided by Licensor; or (b) if the Licensees computing
environment does not meet the minimum system requirements then specified by Licensor for the Software at
the time the Software was ordered.
6.2
Warranty Disclaimer. SECTION 6.1 CONSTITUTES THE ONLY WARRANTIES GRANTED BY

LICENSOR (OR ITS LICENSORS) WITH RESPECT TO THE SOFTWARE, SUPPORT SERVICES OR
CONSULTING SERVICES AND ARE EXPRESSLY MADE IN LIEU OF ANY OTHER EXPRESS OR IMPLIED
WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A
PARTICULAR PURPOSE OR OF NON-INFRINGEMENT. REGARDLESS OF ANY COURSE OF DEALING,
PROMOTIONAL LITERATURE OR OTHER ACTIONS APPARENTLY CREATING A WARRANTY, LICENSOR
MAKES NO WARRANTIES, EXPRESS OR IMPLIED, EXCEPT AS DETAILED IN THIS AGREEMENT
RESPECTING THE FUNCTIONAL CHARACTERISTICS OR PERFORMANCE OF THE SOFTWARE, SUPPORT
SERVICES OR CONSULTING SERVICES OR OF THE PROFITABILITY, COST BENEFITS OR OTHER BENEFITS
TO BE OBTAINED BY LICENSEE FROM THE USE OF THE SOFTWARE OR SERVICES.
7.
Limitation of Liability.
LICENSOR (AND ITS LICENSORS) SHALL NOT BE LIABLE TO LICENSEE FOR DAMAGES FOR ANY CAUSE
RELATED TO OR ARISING OUT OF THIS AGREEMENT, WHETHER IN CONTRACT, NEGLIGENCE OR TORT, IN AN
AMOUNT THAT EXCEEDS THE TOTAL PORTION OF THE LICENSE FEES PAID BY LICENSEE TO LICENSOR
DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRIOR TO THE EVENT WHICH GAVE RISE TO SUCH
DAMAGES HEREUNDER. LICENSOR (AND ITS LICENSORS) SHALL NOT BE LIABLE TO LICENSEE UNDER ANY
LEGAL THEORY, WHETHER IN AN ACTION BASED ON A CONTRACT, TORT (INCLUDING NEGLIGENCE AND
STRICT LIABILITY) OR ANY OTHER LEGAL THEORY, HOWEVER ARISING, FOR ANY INCIDENTAL, SPECIAL,
EXEMPLARY OR CONSEQUENTIAL DAMAGES, INCLUDING BUT NOT LIMITED TO DAMAGES RESULTING FROM
LOST PROFITS, INTERRUPTION OF BUSINESS, LOSS OF DATA OR PROGRAMS, LOSS OF USE OF COMPUTER
31

HARDWARE, OR LOSS OF GOODWILL, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
8
Early Termination. A party may terminate this Agreement: (a) by giving notice to the other party if
the other party materially breaches the Agreement (which shall include, without limitation, failure by Licensee
to make timely payments hereunder) and fails to cure such breach within 30 days of written notice thereof; or
(b) if the other party ceases to conduct business, becomes or is declared insolvent or bankrupt, is the subject
of any proceeding relating to its liquidation or insolvency which is not dismissed or stayed within ninety (90)
days or makes a general assignment for the benefit of its creditors.
9
Effects of Termination. Upon termination of this Agreement: (a) Licensees right to use the
Software shall automatically terminate; and (b) both parties will return or destroy the originals and all full or
partial copies of the Confidential Information of the other party (including any Software in Licensees
possession) and any other materials furnished hereunder within ten (10) days and, at the request of the other
party, shall certify in writing that all such materials have been returned or destroyed.
10.
General Provisions.
10.1
Export. Licensee shall comply with all then current Export Laws and Regulations of the United
States Government pertaining to the Software. Licensee hereby certifies that it will not directly or indirectly,
export, re-export, or transship the Software or related information, media, or products in violation of United
States laws, rules, and regulations.
10.2
Attorneys Fees. In addition to any other relief awarded, the prevailing party in any action arising
out of this Agreement will be entitled to its reasonable attorneys fees and costs.
10.3
Entire Agreement; Amendments. This Agreement, including any all Exhibits attached hereto and
agreements, policies and programs reference herein, constitutes the entire agreement between the parties with
respect to the subject matter contained herein and supersedes all prior proposals, agreements, negotiations,
correspondence, understandings, and other communications, whether written or oral, between Licensor and
Licensee. There are no promises, covenants or undertakings other than those expressly set forth herein. This
Agreement may not be modified except in writing signed by authorized representatives of Licensor and
Licensee. The parties agree that facsimile signatures of authorized representatives of the parties on this
Agreement will be binding.
10.4
Injunctive Relief. The parties agree that money damages will be inadequate in the event of a breach
of Section 3, 4 and 5 of this Agreement and that the non-breaching party shall be entitled to injunctive relief in
the event of such a breach without the necessity of posting a bond.
10.5
Discontinuation of Software or Support Services. Licensor reserves the right to discontinue supply
of any or all Software or to discontinue renewing the Support Services in the event Licensor (or its licensors)
generally discontinues active distribution of any or all of the Software or active provision of the Support
Services.
10.6
Force Majeure. Neither party shall be in default for, or held responsible for damages caused by
delay or failure to perform in full or in part its obligations under this Agreement (other than payment
obligations) where such delay or failure is due to circumstances, such as fires, strikes, acts of God or acts of
terrorism, which are beyond the control of the party.
10.7
Choice of Law and Forum. This Agreement shall be governed by, and construed in accordance
with, the laws of the State of Florida without reference to conflicts of laws rules, which would require
application of another substantive law. The United Nations Convention on Contracts for the International Sale
of Goods is specifically excluded from application to this Agreement. All disputes arising out of or relating to
this Agreement may only be brought in the state or federal courts located in Florida, and the parties hereby
agree and submit to the personal and exclusive jurisdiction and venue of these courts.
10.8
Third Party Beneficiary. Licensee agrees that Licensors licensors are intended to be third party
beneficiaries of this Agreement. Such licensors may bring direct action against Licensee for the breach of the
terms hereof that relate to the software or other materials provided by such licensors.
10.9
Verification. Licensee agrees that Licensor (or its licensors) may, upon five (5) business days prior
written notice, enter Licensees premises to verify Licensees compliance with the provisions of this
Agreement. Licensors inspections shall: (i) be limited to one annual inspection (unless Licensor believes that
it has just cause for multiple inspections); (ii) take place during Licensees normal business hours; and (iii)
involve inspection of only those records pertaining to the Licensor Software including copy locations. If
Licensee is found not to be in substantial compliance with this Agreement, Licensee shall pay the reasonable
32

expenses associated with such inspection. Licensors rights of inspection shall remain in effect through the
period ending one year from the termination or expiration of this Agreement.
10.10
Third Party Programs. Third Party components of the Authenware solution are subject to their own
license terms. These third party software programs are components only and cannot be used directly by the
Licensee. WARNING: Do not upgrade or reconfigure any software components. Any changes to the delivered
configuration could result in serious consequences to the performance of the software.
10.11
Trademarks. Trademark 2010 Authenware Corporation, INC. All rights reserved. Authenware
logo is a registered trademark of Authenware Corporation, Inc. All other trademarks are the property of their
respective owners.
10.12
WARNINGS. ANY ATTEMPT TO TAMPER, MODIFY, ADAPT, REVERSE ENGINEER, DISASSEMBLE,

DECOMPILE, DECRYPT OR OTHERWISE DERIVE SOURCE CODE FROM THE SOFTWARE WILL RESULT IN
IMMEDIATE TERMINATION OF THE LICENSE AGREEMENT AND WILL BE PUNISHED TO THE FULLEST
EXTENT OF THE LAW. DO NOT UPGRADE OR RECONFIGURE ANY SOFTWARE COMPONENT. ANY
CHANGES TO DELIVERED CONFIGURATION MAY RESULT IN SERIOUS CONSEQUENCES TO THE
PERFORMANCE OF THE SOFTWARE.
YOU MUST READ THIS ENTIRE AUTHENWARE END USER SOFTWARE LICENSE AGREEMENT
("LICENSE AGREEMENT") CAREFULLY BEFORE ACCEPTING OR INSTALLING THIS APPLICATION.
IF YOU DO NOT AGREE TO THE TERMS OF THIS LICENSE AGREEMENT, YOU AGREE NOT TO
INSTALL. BY CLICKING "I ACCEPT" OR BY INSTALLING YOU AGREE TO BECOME A PARTY TO, AND
BE BOUND BY, THE TERMS OF THIS LICENSE AGREEMENT AND THIS LICENSE IS ENTERED INTO
BETWEEN AUTHENWARE CORPORATION AND THE ORGANIZATION EXECUTING THIS LICENSE
AGREEMENT ("YOU" AND "YOUR").
33

A - Pxy - 04 - Authenware Authentication Process Manager Web Service Specification

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

A - Pxy - 04 - Authenware Authentication Process Manager Web Service Specification

Uploaded by

Copyright:

Available Formats

Authenware APM API Web Service Specification

Authenware APM API Web Service Specification

Authenware APM API Web Service Specification

This software and documentation may provide information on or access

Authenware APM API Web Service Specification

API Client Mozilla

Arial, 11 point, bold, italics,

Generic labels for values value String: Value of

Arial, 11 point, bold, gray

name String: Names of

the fields as specified in

Authenware APM API Web Service Specification

APM Web Service Specification

Authenware APM API Web Service Specification

Authenware Server. Each user is defined by his username (Ex. jperez)

userName String: Identifier of the user to be authenticated.

organization int: Unique identifier of the organization.

Authenware APM API Web Service Specification

field Field: Represents the field or group of fields to be observed, and

on which the biometric pattern is constructed. It is defined through the

application String: Name of the application for which the user

name String: Names of the fields as specified in the

name String: Name of the property. Must be as described in the

Description (property value)

E-mail address of the user to be

Browser's user agent. This will be used to

Category of the user's device. The

Name of the user's device. For example:

If this property is set, this method will

Authenware APM API Web Service Specification

result boolean: Indicates whether the pre-validate user action was

done correctly or if it has produced an error in Authenware APM or

name String: Name of the property, as in the table below.

value String: Value of the property.

Authenware APM API Web Service Specification

Statistical (name) Description (property value)

If the value of this property is true, it

If the value of this property is true, it

If the property userTrained is true, this

Returns the detected category of the

Returns the detected name of the user's

authenwareSupport If the value of this property is true, it

Returns the active Verification Code (OTP

Represents a user's pattern. There will be

nextAction Action: Represents the next action that Authenware APM

says to do. Possible actions are as follows in the table below.

code int: Code number of the action, as in the table below.

Authenware APM API Web Service Specification

Allow the user to log in to the

Deny access to the application. An

The user does not exist or his

The user should be validated in

messages Message[]: Contains the group of messages sent by the

code int: Message code

message String: Message description.

type String: Indicates the possible message type: error,

warning, or info, according to its level of importance.

Authenware APM API Web Service Specification

Authenware Server. Each user is defined by his username (Ex. jperez)

userName String: Identifier of the user to be authenticated.

organization int: Unique identifier of the organization.

field Field: Represents the field or group of fields to be observed, and

on which the biometric pattern is constructed. It is defined through the