Forum Discussion

Ruggerfly1's avatar
Ruggerfly1
Icon for Nimbostratus rankNimbostratus
Aug 10, 2017

HTTP AAA to a SMS TXT Service with Token Insert

Good Morning,

I'm working on setting up a OTP call using a provider who issues a Token for usage. The token is static.

My config HTTP AAA using Custom Post: Form Action is the Full URL I'm Posting to.

Custom Body To=%{session.ad.last.attr.mobile}&Body=%{session.otp.assigned.val} Expires after use or in %{session.otp.assigned.ttl} seconds. Didn't enclose in quotes as I was referencing another KB and didn't see it there.

Custom Header name came from the provider "TokenCall" Value "really long numerical string"

Customer Header Content_Type "application/json"

I'm using a layered Virtual server to the HTTPS SMS and included an IRULE for the JSON Content:

when HTTP_REQUEST { set json "{ \"glossary\": { \"title\": \"example glossary\", \"GlossDiv\": { \"title\": \"S\", \"GlossList\": { \"GlossEntry\": { \"ID\": \"SGML\", \"SortAs\": \"SGML\", \"GlossTerm\": \"Standard Generalized Markup Language\", \"Acronym\": \"SGML\", \"Abbrev\": \"ISO 8879:1986\", \"GlossDef\": { \"para\": \"A meta-markup language, used to create markup languages such as DocBook.\", \"GlossSeeAlso\": [\"GML\", \"XML\"] }, \"GlossSee\": \"markup\" } } } } }"

HTTP::respond 200 content $json "Content-Type" "application/json"

}

No TXT are received on my end. the vendor is checking their logs, but did i miss anything?

thanks for any reviews and comments to tune up!

APM
security

2 Replies

Sort By
  • Yann_Desmarest's avatar
    Yann_Desmarest
    Icon for Cirrus rankCirrus
    Aug 17, 2017

    Hi,

     

    Something looks strange to me. Can you re-explain the configuration you set up, especially the need for a layered VS that use HTTP::respond ?

     

    Yann

     

  • Wourethe's avatar
    Wourethe
    Icon for Nimbostratus rankNimbostratus
    Dec 15, 2023

    rivet!

    It looks like you did everything right. Here are a few things you can check to make sure everything is working correctly:

    Make sure the URL you use to post your post is correct.
    Make sure the custom body contains the correct information. Specifically, ensure that the To header contains the correct mobile number and the Body header contains the correct OTP code.
    Verify that the TokenCall custom header value is correct.
    Verify that the client's Content-Type header has the correct value.
    If you have checked all these things and still are not receiving any TXT, then the problem may be on the TokenCall provider side. In this case, you should contact them for further assistance.

    In addition, I also recommend additional configuration Two-Factor Authentication Methods to protect against scammers and hackers. 2FA adds an extra layer of security to your account as hackers not only need to know your password, but also have access to your mobile device in order to gain access to your account.

    Here are some tips for setting up 2FA:

    Use a reliable 2FA provider such as Google Authenticator or Authy.
    Enable 2FA for all important accounts, including email, bank accounts, social media, and any other accounts where you have access to sensitive information.
    Do not store 2FA codes in the public domain.

    Hope this information helps!