Mobile SDK Authentisierung

1 About 1cs Mobile SDK Authentication

1.1 General information about 1cs Mobile SDK Authentication

This document describes the First Cash Solution SDK authentication method and the corresponding parameters for the request and the responses passed back. If a merchant develops an app of its own, this method is necessary so that secure authentication takes place via the First Cash Solution interface, independently of the app. The authentication is based on a one-off token that is exchanged between First Cash Solution and the merchant.

Further information about integration of the SDK can be found within GitHub repository at

1.2 Process flow chart

Process flow Mobile SDK Authentication

2 1cs Online Payment System interface

2.1 Definitions

2.1.1 Data formats

asalphabetical with special characters
ansalphanumeric with special characters
nsnumeric with special characters
boolboolean expression (true or false)
3fixed length with 3 digits/characters
..3variable length with maximum 3 digits/characters
enumenumeration of allowed values
dttmISODateTime (YYYY-MM-DDThh:mm:ss)

2.1.2 Abbreviations

MmandatoryIf a parameter is mandatory, then it must be present
OoptionalIf a parameter is optional, then it can be present, but it is not required
CconditionalIf a parameter is conditional, then there is a conditional rule which specifies whether it is mandatory or optional

Notice: Please note that the names of parameters can be returned in upper or lower case.

2.2 Mobile SDK authentication process

High level process overview:

1.     Mobile SDK creates authentication request to merchant’s URL endpoint

2.     Merchant’s URL endpoint generates AuthToken and AuthLabel

3.     Merchant’s URL endpoint calls First Cash Solution interface with below defined parameters

4.     Merchant’s URL endpoint receives First Cash Solution response

5.     Merchant’s URL endpoint responds to Mobile SDK authentication request

For the authentication request, the merchant’s endpoint should accept a POST request with Content-Type: application/json and a JSON body like this:


        "merchantID": <1cs_MerchantID>


The Mobile SDK expects a JSON object as response from merchant’s endpoint, so merchant’s endpoint needs to create a JSON object with attributes from the response and also the generated AuthToken and AuthLabel like this:


        "AuthToken“: <generated_token>,

        "AuthLabel": <generated_label>,

        “ExpiryDate”: <expiry_date_of_token>

        "Description": <description_from_computop_response>,

        "Status": <status_from_computop_response>,

        "Code": <code_from_computop_response>


2.2 Calling the interface

In order to register a one-off token for encryption the 1cs Online Payment System, the merchant must transmit the following parameters to First Cash Solution via a server-to-server connection. Enter the following URL to do this:

Notice: For security reasons, the 1cs Online Payment System rejects all payment requests with formatting errors. Therefore please use the correct data type for each parameter.

The following table describes the encrypted payment request parameters:

MerchantIDans..30MMerchantID, assigned by First Cash Solution. Additionally this parameter has to be passed in plain language too.
AuthTokenan16..56MUnique token generated by merchant which is used to decrypt the payment request
AuthLabelan32..64MIdentifier for the AuthToken used to decrypt the payment request
ExpiryDatedttmOEnd time of token validity. The maximum period of validity amounts 24 hours. If the value is not specified the token expires after 15 minutes by default.

Parameters for authentication request

The following table shows the 1cs Online Payment System response parameters:
(info) pls. be prepared to receive additional parameters at any time and do not check the order of parameters

(info) the key (e.g. MerchantId, RefNr) should not be checked case-sentive

MIDans..30MMerchantID, assigned by First Cash Solution
Statusa..30MOK (URLSuccess) or FAILED (URLFailure)
Descriptionans..1024MFurther details in the event that payment is rejected. Please do not use the Description but the Code parameter for the transaction status analysis!
Coden8MError code according to the 1cs Online Payment System Response Codes Excel file
ExpiryDatedttmMEnd time of token validity. The maximum period of validity amounts 24 hours. If the value is not specified the token expires after 15 minutes by default.

Response parameters for authentication request