This page provides an overview of the steps that need to be taken to support Mobile Connect within your services and applications. These steps are shown in the diagram below.
Registration - setting up your organisation and applications on the Developer Portal
Integration - implementing and testing the Mobile Connect APIs with your applications or services
Contractual - accepting the Mobile Connect Marketing Licence Agreement and the Operator Terms & Conditions for Mobile Connect.
API access - requesting access to Operator environments
Registering on the Developer Portal is necessary when implementing Mobile Connect as it gives you access to the sandbox environment and the ability to make automatic provisioning requests to the operators that manage end-user authentication.
The Developer Portal requires a verified email address for an account to be created. Once your account has been created then you MUST use Mobile Connect to authenticate your account. Once your account has been created you can add a password to your account.
You can create as many Developer Portal accounts as you need.
There are three steps that need to be considered; creating your applications, technical integration and using the Sandbox.
Creating an application
When you create your account on the Developer Portal you have the option of creating an application as part of the registration process, this step is optional and can be skipped. Applications can also be created and edited from the My Apps page in My Account, where you can create multiple applications. When an application is created credentials are setup for each of the Sandbox operators. These credentials can be found on the application page of the “My Apps” section.
It is important that when creating an application intended for production that you provide as much information as possible in the application description. This information is used by the operators when making decisions on provisioning.
The Redirect URI
The Application Redirect URL is required by the Mobile Connect APIs to ensure that authorization responses are only ever delivered to your own services or applications. This is a mandatory requirement of the OpenID Connect standard upon which Mobile Connect is based. To ensure maximum compatibility of your service/application it is recommended that you specify a Redirect URL accessible over https. Individual operators may impose specific restrictions on the Redirect URL (e.g. it may need be to be on a publicly accessible server and accessed over https).
Mobile Connect Authorisation uses a client name when you request that your end-users authorise a transaction. You can define a set of client names to be used with the applications you register.
The GSMA provides a number of SDK's and Libraries to make the integration process easier. Currently we support Android, iOS, Java, .Net and PHP. There is detailed documentation covering the API's along with supporting guides and reference materials. Assistance for integration issues is provided via the Support page.
A sandbox is provided to test your implementations of the Mobile Connect APIs and to allow you a deeper understanding go how the API's work. The Sandbox supports a full end to end experience for all Mobile Connect products and has been fully tested with all the SDKs. The sandbox supports SMS authentication via real devices by adding your test numbers to the My Test Numbers section of My Account. Credentials for using the Sandbox are listed in the Application details page of My Apps.
The Marketing Licensing Agreement
To use Mobile Connect in a production environment you will need to accept the Marketing Licence Agreement (this is offered free of charge). This requires that you agree to adhere to the Mobile Connect Privacy Principles. We will need to collect some information during this acceptance, this information will will be shared with the Operators with services you want to access and may be shared with other Operators in the federation. You will not be able to provision applications or launch a service until the licence is accepted.
Signing the Marketing Licencing Agreement gives you:
- Access to the Mobile Connect Branding Guidelines and Mobile Connect Brand Assets
- The ability to request provisioning for your application from supported operators
- The ability to accept Operator Terms & Conditions via the Developer Portal
The agreement can be accepted in the My Organisation section of the My Account page, acceptance can be completed at any time.
Operator Terms and Conditions
Before accessing an Operator's live network you must first accept the Terms & Conditions of that operator. To assist with this the Developer Portal allows you to accept a set of Standard Terms & Conditions for participating operators. The My Operators section of My Account displays a table of participating operators. Here the Standard Terms and Conditions can be viewed or downloaded and can be accepted. Once accepted then a PDF of the agreement will be downloaded.
For operators not listed in My Operators go to the relevant operator page (linked from here) and use the Commercial Contact details that are listed. If there are no commercial contact details listed then that means the operators is not currently accepting requests.
NOTE: The My Operators Page is only available to those users that have accepted the Marketing Licence Agreement.
This is the process of requesting that your application be given access to operator APIs.
Requesting access via the Developer Portal
Requesting access will send a request on your behalf to your selected operators. This request will include details of your organisation and your application. This functionality is available from the application detail page. If you have accepted the Marketing Licence Agreement the application detail page will display the Request Access tab; selecting this will take you to a page where you can choose the countries you wish access to.
NOTE: The request access functionality is only available to those users that have accepted the Marketing Licence Agreement.
If an operator is not listed on the Request access page then you will need to contact them directly, using the contact details on the operator page, to request access to their APIs. When you contact the operator please ensure that you provide the following details:
- Your registered email address
- Your organisation name and details
- The application name and details
- The application redirect URL
Also provide any other information that you feel may be relevant to your request such as relevant URLs and app store details along with further other organisation details.
Once the operator receives a request for access, either via the Developer Portal or a directly they will then assess that request. Once accepted, your application will then be granted access to the operator API's
An operator will contact you to with one of the following responses:
- Confirm that your application has been granted access
- Request more information
- Ask for specific changes
- Reject your request
Once an operator notifies you that your application has been granted access you may begin testing your integration.
If you have any questions/issues you can e-mail GSMA's Service Desk on firstname.lastname@example.org but please be aware that we are unable to help you with technical queries about the integration of the API's into your application.
For technical queries, you will need to contact the Operator's support desk, please click here to get details of the Operators' technical support details