This example demonstrates how to integrate server side library

Configuring and running the Server Side Library

  1. Register an account or login to the Mobile Connect Developer Portal and create an application to obtain your sandbox credentials.
  2. Download the Mobile Connect Server Side project

    git clone
  3. Open the configuration file: \mobile-connect-demos\GSMA.MobileConnect.Demo.ServerSide\App_Data\OperatorData.json.
    Here are 11 parameters:

    Note: if you operate in the EU then you should use EU Discovery Service domain:

      "clientID": "your client Id",
      "clientSecret": "your client Secret",
      "discoveryURL": "your Discovery endpoint",
      "redirectURL": "http://your server side app host:8080/server_side_api/discovery_callback",
      "xRedirect": "True",
      "includeRequestIP": "True",
      "apiVersion": "mc_v1.2",
      "scope": "openid mc_authn",
      "acrValues": "2",
      "UseInfo": "True",
      "Identity": "True"
  4. Download and install any missing dependencies
  5. Build the SDK
  6. Run the MobileConnect demo

Using the Server Side Application

With your configuration specified in the configuration file you have everything you need to make a successful call to the server side application.

Example request:
If you are using only msisdn the request to your server side part will be: http://localhost:8080/server_side_api/start_discovery?msisdn=447700900907
When you are using mcc and mnc it will be: http://localhost:8080/server_side_api/start_discovery?mcc=907&mnc=07
If you choose 'None' mode: http://localhost:8080/server_side_api/start_discovery

Send your request. Makes StartDiscovery method call with your configuration in parameters:

        public async Task<IHttpActionResult> StartDiscovery(string msisdn = "", string mcc = "", string mnc = "")
            string sourceIp = Request.Headers.Any(h => h.Key.Equals("X-Source-IP")) ?
                Request.Headers.GetValues("X-Source-IP").ToList().FirstOrDefault() :

            var requestOptions = new MobileConnectRequestOptions { ClientIP = sourceIp };

            var status = await _mobileConnect.AttemptDiscoveryAsync(
                Request, msisdn, mcc, mnc, false, _includeRequestIP, requestOptions);

            _requestMessage = Request;

            if (HandleErrorMsg(status) == true)
                status = await _mobileConnect.AttemptDiscoveryAsync(
                    Request, null, null, null, false, false, requestOptions);

            if (status.DiscoveryResponse != null && 
                status.DiscoveryResponse.ResponseCode == Utils.Constants.Response_OK)
                CachedParameters.sdkSession = status.SDKSession;
                var authResponse = await StartAuthentication(
                    Request, status.SDKSession, status.DiscoveryResponse.ResponseData.subscriber_id);

                return authResponse;
                return GetHttpMsgWithRedirect(status, status.ErrorCode);

This method calls AttemptDiscovery SDK method with your parameters from config file.
If discovery request with msisdn, mcc+mnc or source ip fails - method perform Discovery UI flow to discover operator
1) msisdn mode: method generates auth URL and respond with 302 redirect to this URL. After you follow the redirect, and pass consent confirmation screen, redirect will be proceed by Server Side HandleUrlRedirectAsync method
        public async Task<MobileConnectStatus> HandleUrlRedirectAsync(
            HttpRequestMessage request,
            Uri redirectedUrl,
            string sdkSession = null,
            string expectedState = null,
            string expectedNonce = null,
            MobileConnectRequestOptions options = null)
            var discoveryResponse = await GetSessionFromCache(sdkSession);

            if (discoveryResponse == null && (expectedNonce != null || expectedState != null || sdkSession != null))
                return GetCacheError();

            return await CacheIfRequired(
                await MobileConnectInterfaceHelper.HandleUrlRedirect(

2) mcc_mnc mode or none mode: you will be redirected to the operator selection page. Here you can type your msisdn and process page.

After getting URL with 'code' and 'state' parameters application calls token endpoint with received data and get token, that could be used in authentication process in your web application

Discovery caching

Discovery response is cached in SDK with following rules:
1) After succeed Discovery request, Discovery response is cached with used mcc/mnc, msisdn or sourceIp.
2) Expiration time for Discovery Response cache is the same as "ttl" field in Discovery Response - if Discovery Response expired - that deleted from cache
3) Next requests for Discovery with the same mcc/mnc, msisdn or sourceIp - Discovery request shouldn't be performed, Discovery response should be taken from cache
4) If auth call respond with error - Discovery Response deleted from cache, and SDK redirect you to Discovery UI