1. Home
  2. Docs
  3. Authentification
  4. 3G/4G User Authentication
  5. 3G/4G Authentification

3G/4G Authentification

Bizao allows you also to authenticate your end-user in implicit mode.

The Bizao platform will notify you on your CallBack URL with the specific BIZAO_TOKEN and BIZAO_ALIAS.

For each targeted countries, you have to use a dedicated redirection URL in required format.

List of redirection URL by country

country-nameRedirection URL
Ivory Coastwaaat.orange.ci/BIZAO/?CallBack=SP-callBackURL-in-encoded-format
Burkina Fasonot yet available

Format of CallBack parameter:

  1. The CallBack parameter must contain your URL in encoded format (you can use this site to encode your URL: https://www.urlencoder.org/)
  2. For security reasons this URL should be in https (port 443)
  3. This URL will be used by Bizao to push you user’s credentials (BIZAO_TOKEN & BIZAO_ALIAS) as Headers using a GET-Query
  4. If you receive these credentials in encoded format, you will have to decode it before use.
  5. If you add some correlation parameters within your CallBack URL, Bizao will forward these parameters to your CallBack
  6. Any data sent back by your CallBack URL (response body for example) will be encoded in base64


Before testing the 3G/4G authentication flow (HE) please ensure that:

  1. Your Internet connection is made through a 3G/4G SIM Card connected to the local network
  2. You are getting proper mobile network
  3. You are not connected to Wifi network
  4. Your mobile data is switched on

Below a sample of complete 3G-redirection-URL:http://waaat.orange.ci/BIZAO/?CallBack=https%3A%2F%2FMyDomain%2FMyHomePage%3FCorrelationID%3Dxxxxxx

HE information


Explanations using PHP

1- End-user redirection for authentication

$yourCallback = urlencode('yourCallBackUrl');
Header(“Location: http://waaat.orange.ci/BIZAO/?CallBack=$yourCallback”);


Please note that the waaat.orange backend has been updated on the 18th of March 2019.

Previous behaviour in case of HE failure:

401 response generated

Missing Credentials
Required OAuth credentials not provided. Make sure your API invocation call has a header: "Authorization: Bearer ACCESS_TOKEN"

New behaviour in case of HE failure:

In Ivory Coast

Same behaviour. No redirection made to your callback url.

In other countries

Your callback url is called but the bizao-token and the bizao-alias are not provided.

Your web app needs to manage this situation and switch the end-user to another authentication method like OTP. JavaScript and Ajax may be helpfull to manage this switch because the end-user will remain on your page.

2- Your callback’s response

Header(“Location: aUrlOfYourChoiceToRedicrectTheEnd-userTo”);

How to test your callback url ?

The request below will allow you to test your callback url by simulating a successfull HE.

  • Bizao-URI: /auth/v1/3g/sp/notify
  • Bizao-Host: api.bizao.com
  • CallBack parameter: your encoded callback url

Your query will contain the Headers below:



curl -X GET\
  https://api.bizao.com/auth/v1/3g/sp/notify?Callback=https%3A%2F%2FMyDomain%2FMyHomePage%3FCorrelationID%3Dxxxxxx \
  -H 'authorization: Bearer YOUR_ACCESS_TOKEN' \
  -H 'orangeapitoken: BIZAO_TOKEN' \
  -H 'x-orange-ise2: BIZAO_ALIAS' \
Was this article helpful to you? Yes 5 No 1

How can we help?