Object: AuthenticationAuthorizationResponse

Response body

Object sent during authentication-authorization response.

Here's an example of a clear text JSON response:

  {
    "requestId": "375dhjf9-Uydd="
    "authorizations": ["LIST_ACCOUNTS", "ASSOCIATE_ACCOUNT"]
  }

The AuthenticationAuthorizationResponse is encrypted and signed using PGP or JWS+JWE. Further, this value is web-safe base64 encoded. This encoding is referred to below as Base64UrlEncode. In other words, the clear text JSON version of the AuthenticationAuthorizationRequest must be passed through the following functions:

Base64UrlEncode(
  PGPSignAndEncrypt(
    '{"requestId": "375dhjf9-Uydd=",
      "authorizations": ["LIST_ACCOUNTS", "ASSOCIATE_ACCOUNT"]}'
  )
)

Base64UrlEncode(
  JWSignAndEncrypt(
    '{"requestId": "375dhjf9-Uydd=",
      "authorizations": ["LIST_ACCOUNTS", "ASSOCIATE_ACCOUNT"]}'
  )
)

JSON representation
{ "requestId": string, "authorizations": repeated string, }

Fields

Fields
`requestId`	`string` REQUIRED: Reflected back by the payment integrator to Google. This allows Google to prevent replay attacks.
`authorizations`	`repeated string` REQUIRED: Reflected back by the payment integrator to Google. This allows Google to check that the `authorizations` passed back are the same `authorizations` passed in.

requestId

string

REQUIRED: Reflected back by the payment integrator to Google. This allows Google to prevent replay attacks.

authorizations

repeated string

REQUIRED: Reflected back by the payment integrator to Google. This allows Google to check that the authorizations passed back are the same authorizations passed in.