EMToken Protocol Reference

Conforms to EMAuthenticatable
NSObject
Declared in EMToken.h

Overview

The EMToken protocol represents user’s credentials known as tokens.

  name required method

Gets the name of the token. The name of the token was defined when the token was created.

@property (copy, nonatomic, readonly) NSString *name

Return Value

The name of the token.

Declared In

EMToken.h

  soft required method

Returns YES if the token’s credentials are software based (i.e. the credentials are not stored inside a special hardware chip).

@property (nonatomic, readonly, getter=isSoft) BOOL soft

Return Value

YES if this is a soft token, NO otherwise

Declared In

EMToken.h

  tokenSequenceNumber required method

Gets the token sequence number that distinguishes this token among others the users has.

@property (nonatomic, readonly) NSInteger tokenSequenceNumber

Return Value

The token sequence number.

Discussion

The token sequence number is defined only for CAP tokens and is an unsigned value ranging from 0x00 to 0x63 (i.e. 0 to 99). For OATH tokens, the method always return 0xFF (i.e. 255).

Declared In

EMToken.h

  userTokenId required method

Returns the User Token Identifier (UTI).

@property (nonatomic, readonly) NSInteger userTokenId

Return Value

The user token id, -1 if none.

Availability

2.2

Discussion

The UTI is an unsigned value ranging from 0x00 to 0xFF (i.e. 0 to 255). It is generated by the provisioning server and is part of the credential pushed during provisioning. It is guaranteed that two tokens for the same end-user (on authentication server) and from the same EPS domain will never have the same UTI. See the Enrollment and Provisioning Server documentation for domains configuration description.

The UTI is defined only if the token has been created with Provisioning Protocol V3 or V5. When the token has been created with Provisioning Protocol V1 or V2 the method returns -1.

Declared In

EMToken.h

– changePinWithAuthInput:newPin:error: required method

Performs a change PIN using a PIN authentication mode. If the EMTokenCapability of the token is EMTokenCapabilityDUAL_SEED then this operation changes the PIN for both keys regardless of which key is currently selected. See EMTokenCapability.

- (BOOL)changePinWithAuthInput:(id<EMPinAuthInput>)oldPin newPin:(id<EMPinAuthInput>)newPin error:(NSError **)error

Parameters

oldPin

Current Pin value.
newPin

New Pin value.
error

If an error occurs, upon return contains an NSError object that describes the problem. If you are not interested in possible errors, you may pass in NULL. object containing the error information. Possible errors are: - EMPinRuleErrorDomain when the new PIN does not comply with the configured PIN rules.

Return Value

YES if the pin was changed, NO if an error occurred.

Availability

3.2

Declared In

EMToken.h

– upgradeToMultiAuthMode:error: required method

Performs upgrade token migration to support multi authentication mode. The migration is supposed to be performed from SDK version 2.3.0 or newer.

- (BOOL)upgradeToMultiAuthMode:(id<EMPinAuthInput>)pin error:(NSError **)error

Parameters

pin

Current Pin value.
error

If an error occurs, upon return contains an NSError object that describes the problem. If you are not interested in possible errors, you may pass in ‘NULL’. object containing the error information. Possible errors are: - EZIO_MOBILE_ERROR_DOMAIN_MULTI_AUTH_MODE , when upgrade lowplatformcoupling token to multi-auth mode which is not supported. - EMTokenMigrationErrorDomain , when token already migrated to support multi auth modes.

Return Value

‘YES’ if the token migration was succeeded. ‘NO’ if an error occured.

Availability

3.2

Discussion

Warning: 1. It’s mandatory to perform token migration on a previously created token but also on new token before any token operation. 2. Pin value parsed here needs to be correct one, otherwise the token will no longer be valid.

Declared In

EMToken.h