Embed Size (px)
DESCRIPTION
Detailed Latch user guide for PowerShell. Step-by-step start-up with images and explanations for PowerShell developers. You can watch videos about installing and using Latch on YouTube (https://www.youtube.com/user/ElevenPaths) and Vimeo (http://vimeo.com/elevenpaths). For more information please visit Latch's website (https://latch.elevenpaths.com).
Citation preview
Latch SDK installation guide for PowerShell
ElevenPaths, radical and disruptive innovation in security solutions
ElevenPaths [email protected] elevenpaths.com
Version 7.1 – November 2016
Latch SDK installation guide for PowerShell
V.7.1 – November 2016
Page 2 of 12 2016 © Telefónica Digital España, S.L.U. All rights reserved.
TABLE OF CONTENT
1 Obtaining the Latch SDK .............................................................................................. 3
1.1 Prerequisites ............................................................................................................................. 3
1.2 Obtaining application ID ........................................................................................................... 3
1.3 Downloading the SDK ............................................................................................................... 6
2 Installing the SDK ........................................................................................................ 7
2.1 Configuring the SDK .................................................................................................................. 7
2.2 Unpairing the PowerShell’s service in Latch ........................................................................... 10
3 Resources .................................................................................................................. 11
Latch SDK installation guide for PowerShell
V.7.1 – November 2016
Page 3 of 12 2016 © Telefónica Digital España, S.L.U. All rights reserved.
1 Obtaining the Latch SDK
1.1 Prerequisites
PowerShell 3.
.Net Framework 4.
1.2 Obtaining application ID
To obtain the "Application ID" and the "Secret", which are essential to integrate Latch into a service,
it’s necessary to register a developer account in Latch's website: https://latch.elevenpaths.com. On
the upper right side, click on “Developer area”.
Figure 01: “Developer area” in Latch webpage.
Tap the button “Register as a developer” and select “Create a new developer account”, a form will appear where you can fill up the required data. Mandatory fields are name, e-mail and password.
Figure 02: Sign in form for developers.
Latch SDK installation guide for PowerShell
V.7.1 – November 2016
Page 4 of 12 2016 © Telefónica Digital España, S.L.U. All rights reserved.
Once completed, an email will be sent, with an activation code to activate the brand new account.
Figure 03: Form to fill up with activation code.
When the account is activated, the user will be able to create applications with Latch and access to developer documentation, including existing SDKs and plugins.
To do so the developer must log on to the Latch website and then access the "Developer area" section (https://latch.elevenpaths.com/www/developerArea), where you can view your applications through the "My applications" section on the side menu.
Figure 04: “My applications” section with user's configured applications.
From the "Add a new application" button, the developer will create a new application, with the specified name, which you want to appear in the end users' mobile application.
Latch SDK installation guide for PowerShell
V.7.1 – November 2016
Page 5 of 12 2016 © Telefónica Digital España, S.L.U. All rights reserved.
Figure 05: Creating an application. The name will be shown on the mobile app.
Information about the application is displayed when it is created and part of this data is editable. The basic data that the developer should use when installing the SDK are the "Application ID" and "Secret". In addition the following additional parameters are in place, which the developer may change at any time, that set the characteristics of your application:
Name: This corresponds to the name of the application that end users see on their devices when they pair the service. They can customize it themselves on their own device if they so wish.
Image: This corresponds to the application icon that will appear in the end-user's device; its size should not exceed 1MB. It is recommended to be in 24-bit png format without alpha channel, and its proportions are 1: 1.
2nd OTP factor (One-time password): This is only available to developers with a subscription model other than "Community". It enables the service to also be protected by a password, which is sent to the end user at the time he/she wants to access the service. The OTP setup can be:
1. Disabled: The option will not appear on the end user's mobile device.
2. Opt in: The end user may choose to use this option to protect the service.
3. Mandatory: The end user will receive a password every time he/she wants to access the service.
Lock latches after request: This is only available to developers with a subscription model other than "Community". This enables the service to be locked automatically once it has been accessed. The “Lock latches after request” setup can be:
1. Disabled: The option will not appear on the end user's mobile device.
2. Opt in: The end user may choose to use this option to protect the service.
3. Mandatory: The service will be locked automatically once it has been accessed. In the latter case, the "Scheduled lock" option would disappear from the service details view.
Contact email and Contact phone: These details will be displayed in the notifications that users will receive when there is a fraudulent attempt to access the service or any of its operations.
Operations: This corresponds to each of the actions included in the service but independent of each other, and that the developer wants to protect with Latch. The number of operations that can be included depending on the model of subscription chosen. In each of the operations, a "2nd OTP factor" (OTP) and an "Lock latches after request" (LOR) can be used. It is not compulsory to create operations and this will depend on the nature of the service to be protected.
Latch SDK installation guide for PowerShell
V.7.1 – November 2016
Page 6 of 12 2016 © Telefónica Digital España, S.L.U. All rights reserved.
Once the setup is complete and the changes have been saved, the new application will appear on the list of the developer's applications. This can be edited whenever you want.
Figure 06: Created application. It may be edited again at any moment.
1.3 Downloading the SDK
From the side menu in developers area, the developer can access the “Documentation & SDKs” section. Inside it, there is a “Plugins and SDKs” menu. Links to different SDKs in different programming languages and plugins developed so far, are shown.
Figure 07: Examples of SDKs and plugins available.
The developer must tap the button “DOWNLOAD” for this SDK to access its source code from the
“SDKs” section. A manual on the installation and use of the SDK can also be downloaded.
Latch SDK installation guide for PowerShell
V.7.1 – November 2016
Page 7 of 12 2016 © Telefónica Digital España, S.L.U. All rights reserved.
2 Installing the SDK
To install the SDK at sesión level it must be imported with the following command: Import-Module: Import Module “[path_to_downloaded_files]\LatchPowershellSDK.dll”
After importing the libray, one can see the available commands by typing: Get-Module.
Figure 08: Importing the library
Some commands in the list are not shown due to window size, to see them all save the command’s output on a variable:
Figure 09: Available commands
2.1 Configuring the SDK
One of the commands is Get-Pair which is used to pair the Latch user with the PowerShell application.
To run the command, certain parameters are required. Those are the Application ID and the Secret generated previously when creating our application in the developer area. For simplicity, it’s recommended to save them on separate variables because they will be used in every API call.
Figure 10: Application ID and Secret stored in variables
Next, we will use the Get-Pair command to pair our new user. The response from the server should be saved in a variable (e.g. $response) to use it later and access the data. When executing the command, a token needs to be provided. This is generated by the user in his mobile application for pairing the service. Once the command is run (figure 11), if everything goes well, the user will receive a Service Paired notification (figure 12).
Latch SDK installation guide for PowerShell
V.7.1 – November 2016
Page 8 of 12 2016 © Telefónica Digital España, S.L.U. All rights reserved.
Figure 11: Pairing Latch. Figure 12: Notification after successful pairing.
The user’s Latch account is now paired with our PowerShell application. An AccountId has been generated accordingly to identify the user in our application. This identificator should be stored in a secure way, it will be used from now on to uniquely identify the user when consulting the Latch API.
The AccountId is present in the response of the Get-Pai” command. Access it and store it in a secure way:
Figure 13: Obtaining the AccountId.
The user can now configure the status of his Latch (on/off) and we consult it using the Get-Status command. This command uses the ApplicationID, Secret and the AccountId of the user whose status is to be checked. The server’s response contain’s a Data object that contains the requested operation’s status, or an Error object with a code and an error message.
The following image shows this process step by step and details how to access the status of the requested operation. Observed that the status has changed from off to on because the user has unlocked it in his phone.
Latch plugin installation and use guide for PowerShell
V.7.1 – November 2016
Page 9 of 12 2016 © Telefónica Digital España, S.L.U. All rights reserved.
Figure 14: Visualizing the response
Latch plugin installation and use guide for PowerShell
V.7.1 – November 2016
Page 10 of 12 2016 © Telefónica Digital España, S.L.U. All rights reserved.
Figure 15: PowerShell unlocked. Figure 16: PowerShell locked
2.2 Unpairing the PowerShell’s service in Latch
To unpair an user from our application execute the Get-Unpair command. You will be promted to introduce the Application id, Secret and AccountId. Alternatively provide them as parameters. The user will receive a notification indicating that the service has been unpaired.
Figure 17: Unpair Latch. Figure 18: Sucessfully unpaired.
Latch plugin installation and use guide for PowerShell
V.7.1 – November 2016
Page 11 of 12 2016 © Telefónica Digital España, S.L.U. All rights reserved.
3 Resources
For more information about how to use Latch and testing more free features, please refer to the user guide in Spanish and English:
1. Guía del usuario de Latch con Nevele Bank. 2. Latch user´s guide for Nevele Bank.
You can also access the following constantly expanded documentation:
Manuals in Spanish and English for integrating and using Latch with the available plugins, at the Latch website and via the ElevenPaths Slideshare channel.
Videos with subtitles in Spanish and English for integrating and using Latch with the available plugins on ElevenPaths' YouTube and Vimeo channels.
Manuals for integrating and using Latch in the organizations that have already implemented it (Movistar, Tuenti, UNIR, USAL, etc.), at the Latch website and via the ElevenPaths Slideshare channel.
Information about Latch API at the Latch website.
Latch plugin installation and use guide for PowerShell
V.7.1 – November 2016
Page 12 of 12 2016 © Telefónica Digital España, S.L.U. All rights reserved.
The information disclosed in this document is the property of Telefónica Digital España, S.L.U. (“TDE”) and/or any other entity within Telefónica Group and/or its licensors. TDE and/or any Telefonica Group entity or TDE’S licensors reserve all patent, copyright and other proprietary rights to this document, including all design, manufacturing, reproduction, use and sales rights thereto, except to the extent said rights are expressly granted to others. The information in this document is subject to change at any time, without notice.
Neither the whole nor any part of the information contained herein may be copied, distributed, adapted or reproduced in any material form except with the prior written consent of TDE.
This document is intended only to assist the reader in the use of the product or service described in the document. In consideration of receipt of this document, the recipient agrees to use such information for its own use and not for other use.
TDE shall not be liable for any loss or damage arising out from the use of the any information in this document or any error or omission in such information or any incorrect use of the product or service. The use of the product or service described in this document are regulated in accordance with the terms and conditions accepted by the reader.
TDE and its trademarks (or any other trademarks owned by Telefonica Group) are registered service marks.
PUBLICATION:
November 2016
elevenpaths.com Blog.elevenpaths.com @ElevenPaths Facebook.com/ElevenPaths YouTube.com/ElevenPaths
At ElevenPaths we have our own way of thinking when we talk about security. Led by Chema Alonso, we are a team of experts who are passionate about their work, who are eager to redefine the industry and have great experience and knowledge about the security sector.
Security threats in technology evolve at an increasingly quicker and relentless pace. Thus, since June 2013, we have become a startup company within Telefónica aimed at working in an agile and dynamic way, transforming the concept of security and, consequently, staying a step ahead of our attackers.
Our head office is in Spain, but we can also be found in the UK, the USA, Brazil, Argentina and Colombia.
If you wish to know more about us, please contact us at:
