Table of Contents

3G User Authentication (Redirect URL)

You are here:
< All API Documentations

1. Principles

Bizao allows you also to authenticate your end-user with a URL redirect flow in
implicit mode.
The Bizao platform will notify you on your CallBack URL with the specific BIZAO_TOKEN
and BIZAO_ALIAS.
For each country’s 3G-network you target, you have to use a dedicated redirection URL in
the required format.

2. List of 3G-redirection URL by country

Below a list of authorized 3G-redirection URLs for Bizao by country :

Country-nameRedirection URL
Ivory Coasthttp://waaat.orange.ci/BIZAO/?CallBack=SP-callBackURL-in-
encodedformat
Cameroonhttp://waaat.orange.cm/BIZAO/?CallBack=SP-callBackURL-in-encodedformat
Senegalhttp://waaat.orange.sn/BIZAO/?CallBack=SP-callBackURL-in-
encodedformat
Congo-DRhttp://waaat.orange.cd/BIZAO/?CallBack=SP-callBackURL-in-
encodedformat
Burkina Fassohttp://waaat.orange.bf/BIZAO/?CallBack=SP-CallBack -callBackURL-
inencoded-format

Format of CallBack parameter :

a. The CallBack URL is used as notification URL, Bizao will use it to send you the user
credentiel
b. The CallBack parameter must contain your URL in encoded format (you can use this
site to encode your URL: https://www.urlencoder.org/)
c. For security reasons this URL should be in https (port 403 to be activated)
d. This URL will be used by Bizao to push you User’s credential (BIZAO_TOKEN &
BIZAO_ALIAS) as Headers using a ‘GET query’
e. You may receive the credentials in an encoded format. In that case you have to
decode it before use.
f. You can add some correlation parameter within your CallBack URL, Bizao will
propagate these parameters to your CallBack.
g. Your response to Bizao-notification must be http 302 with your Location-URL (send
the full path of your HomePage URL. Do not make a second 3G redirection within
this HomePage)
h. Bizao will forward this Location-URL to the end-user to let him continue the purchase
journey
a. Below a sample of complete 3G-redirection-URL with example of correlation data :

http://waaat.orange.bf/BIZAO/?CallBack=https%3A%2F%2FMyDomain%2FMyHomePage%3FCorrelationID%3Dxxxxxx

Note: To test the 3G authentication flow please ensure that:

  1. You use the targeted country’s 3G/4G SIM Card.
  2. Make sure you’re getting proper mobile network.
  3. Make sure Wi-Fi is Turned off
  4. Enable Mobile Data OR 3G/4G from device settings.
  5. Go to Setting >> Data Saver >> Turn it OFF.
  6. Go to Setting >> Privacy >> Clear browsing cache.
  • End-user redirection once getting on your home page

Some explanations with PHP :

$yourCallback = urlencode('yourCallBackUrl');
Header(“Location: http://waaat.orange.ci/BIZAO/?CallBack=$yourCallback”);

Be careful:

If the end-user is connected to Wi-Fi you will receive a 503 or 401 response from
waaat.orange. Your backend has to manage this situation and switch the user to
another authentication method like OTP.
After the redirection to waaat.orange is made and the user authenticated,
a Bizao_token and a Bizao_alias will then be forwarded to your callback url.

  • End-user redirection once getting on your home page
Header(“Location: aUrlOfYourChoiceToRedicrectTheEnd-userTo”);

Some HTTP headers from the request made on your callback url :

Resource: /3g/sp/notify?CallBack=yourCallBackUrl
Context: /auth/v1
X-Forwarded-Server: api.bizao.com
X-Forwarded-Host: api.bizao.com
Bizao-Alias: BIZAO_ALIAS encoded
Bizao-Token: BIZAO_TOKEN encoded

3. Authentication error

If the client is connected in Wi-Fi, Push mode authentication will not be successful. Bizao
infrastructure will not send any Token and Alias.

HTTP Code
Status
and
CodeMessageDescription
We are unable to sign
you in. Please try again
Error in waaat.orange url
401900902Missing Credentials (XML)When the 3G
authentication is
attempted without a local
3G network
Previous OTP User Authentication (One time Password)
Next MO User Authentication