Manual Connection Registration with Activation Codes

Activation codes are an alternate way to complete the connection registration process. It is considered a manual registration method because users must enter the supplied activation code before administrators can manually register the inbound connection request.

For online applications, manual registration also includes a security token (x-sup-sectoken) in the header value, which represents the same activation code in a hashed form.

A connection that is registered allows the application to become activated (that is, allowing it to consume data and services of SAP Mobile Platform). The activation process for manual connection registration follows this sequence:

Delivery – the administrator delivers the activation code; for example, phone SMS, e-mail, or Afaria.
Login – the user sends credentials via the application the security provider.
Code entry – the activation code initiates the activation process. Once delivered, the code helps find packages, customizations, and connections on SAP Mobile Server. The activation code is a one-time use, limited-duration (by default, 72 hours) code. Once the expiry time is met, the ability to activate the application expires, not the activation code itself. If users miss the activation period, the must submit a request to the administrator to use a new code and re-try again.
Connection registration – the administrator registers the connection by selecting the in-bound connection and manually pairing it to a template. The selected template supplies the default connection values. The administrator must also manually enter an identity for the application user of the registered connection in SAP Control Center.
Application activation – the device synchronizes settings from the server, and returns device information back to the server. For example, the registered application connection is updated with a phone number, IMSI, device type, and perhaps native push configuration information that is used to deliver notifications via device-specific infrastructures for Apple, BlackBerry, or Android.

Note: You can authenticate users after application activation. This authentication can subsequently occur, for example, when an application tries to synchronize (as in the case for native applications) or makes some other online request (as in the case for Hybrid Apps). Any security configurations you have used to authenticate a package is then used to authenticate the request.