Activation codes are an alternate way to complete the connection
registration process. It is considered a manual registration method because users must enter
the supplied activation code before administrators can manually register
the
inbound connection request.
For
online
applications,
manual registration also includes a security token (x-sup-sectoken) in the header value,
which represents the same activation code in a hashed form.
A connection that is registered allows the application to become activated (that is,
allowing it to consume data and services of SAP Mobile Platform).
The activation process for manual connection registration follows this sequence:
- Delivery – the administrator delivers the activation code; for example, phone SMS,
e-mail, or Afaria.
- Login – the user sends credentials via the application the security provider.
- Code entry – the activation code initiates the activation process. Once delivered, the
code helps find packages, customizations, and connections on
SAP Mobile Server. The activation code is a one-time use,
limited-duration (by default, 72 hours) code. Once the expiry time is met,
the ability to activate the application expires, not the activation code
itself. If users miss the activation period, the must submit a request to
the administrator to use a new code and re-try again.
- Connection registration – the administrator registers the connection by selecting the in-bound
connection and manually pairing it to a template. The selected template
supplies the default connection values. The administrator must also manually
enter an identity for the application user of the registered connection in
SAP Control Center.
- Application activation – the device synchronizes settings from the server, and returns device
information back to the server. For example, the registered application
connection is updated with a phone number, IMSI, device type, and
perhaps native push configuration information that is used to deliver
notifications via device-specific infrastructures for Apple, BlackBerry,
or Android.
Note: You can authenticate users after application activation. This authentication
can subsequently occur, for example, when an application tries to synchronize (as in
the case for native applications) or makes some other online request (as in the case
for Hybrid Apps). Any security configurations you have used to
authenticate a package is then used to authenticate the request.