Update Samsung Wallet Card Templates Using the Server API
-
Similar Topics
-
By Samsung Newsroom
Card template management is a crucial task for partners in the Samsung Wallet ecosystem that is typically handled through the Wallet Partners Portal. Manually altering numerous existing templates via the web interface can be inefficient and challenging. Samsung provides a set of server-side APIs to address this, allowing partners to programmatically manage and modify their card templates for greater operational agility.
Using these APIs enables partners to integrate update capabilities directly into their own ecosystems. This automation facilitates the seamless maintenance of card offerings, helping partners keep their content dynamic and up-to-date.
As a partner, this article walks you through the implementation of the Update Wallet Card Template API specifically using Python. If you are a Java developer or want to implement the Add Wallet Card Template API, you can follow the previous content on creating Samsung Wallet card templates.
NoteTo follow this article, you'll need an existing card template and its cardId. Make sure you have completed the Samsung Wallet onboarding to obtain the necessary certificates. Also, you need permission to use this API. Only permitted partners can use this API. API overview
This section details the REST API designed for modifying a pre-existing wallet card template, enabling direct updates from a partner's server.
Endpoint URL: Direct requests to modify a card template to the following URL. It is imperative to substitute {cardId} with the identifier of the specific card template you intend to alter.
https://tsapi-card.walletsvc.samsung.com/partner/v1/card/template/{cardId} Request headers: Secure interaction with this API is restricted to authenticated partners. The headers detailed below are vital for establishing a secure and validated communication channel with the Samsung server.
Authorization: This field must contain the Bearer token. For comprehensive information, consult the JSON web token documentation. X-smcs-partner-id: This field must be populated with your unique partner identifier. X-request-id: A universally unique identifier (UUID) is required here, freshly generated for each request. Request body: The payload of the request needs to be structured as a JSON object. This object must include a key named ctemplate, with its value being a JWT token. This specific JWT securely contains the complete data for the revised card template.
For a deeper dive into the API specifications, check the official documentation.
Implementing the API to create a card template
The Update Wallet Card Template API enables partners to modify existing card templates in the Wallet Partners Portal. In this section, we implement Python code to update a coupon card template, for example, by changing its title.
Extracting the keys from certificates
Extract the public and private keys from the certificate files obtained during the onboarding process.
def getPublicKey(crt_path): """ Extract publick key from a .crt file. """ try: with open(crt_path, "rb") as f: crt_data = f.read() certificate = x509.load_pem_x509_certificate(crt_data, default_backend()) public_key = certificate.public_key() public_key_pem = public_key.public_bytes( encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo ) return jwk.JWK.from_pem(public_key_pem) except Exception as error: print(f"Error reading public key from {crt_path}: {error}") return None def getPrivateKey(pem_path): ''' Extract private key from a .pem file. ''' try: with open(pem_path, "rb") as pem_data: private_key = serialization.load_pem_private_key( pem_data.read(), password = None, backend = default_backend() ) return private_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization.NoEncryption() ) except Exception as error: print(f"Error reading private key from {pem_path}: {error}") return None Generating the authorization token
The Samsung server uses a JWT format token to verify if the request is from an authorized partner. Follow these steps to create an authorization token.
Create an authorization token header. Set the payload content type to ‘AUTH’ since this is an authorization token. Create the payload using the authorization token header. Generate the authorization token. The following code snippet demonstrates these steps.
def generateAuthToken(partnerId, certificateId, utcTimestamp, privateKey, cardId): auth_header = { "cty": "AUTH", "ver": 3, "certificateId": certificateId, "partnerId": partnerId, "utc": utcTimestamp, "alg": "RS256" } auth_payload = { "API": { "method": "POST", "path": f"/partner/v1/card/template/{cardId}" }, } auth_token = jwt.encode( payload=auth_payload, key=privateKey, algorithm='RS256', headers=auth_header ) return auth_token Generating a payload object token
The request body includes a parameter named ctemplate, which is also a JWT token. Create the JWT token using the following code snippet.
def generateCDataToken(partnerId, samsungPublicKey, partnerPrivateKey, certificateId, utcTimestamp, data): jwe_header = { "alg": "RSA1_5", "enc": "A128GCM" } jwe_token = jwe.encrypt( data, samsungPublicKey, encryption=jwe_header["enc"], algorithm=jwe_header["alg"] ) print(f"jwe_token: \n{jwe_token}\n") jws_header = { "alg": "RS256", "cty": "CARD", "ver": 3, "certificateId": certificateId, "partnerId": partnerId, "utc": utcTimestamp, } jws_token = jws.sign( jwe_token, key=partnerPrivateKey, algorithm='RS256', headers=jws_header ) print(f"jws_token: \n{jws_token}\n") return jws_token Building and executing the request
Build and send the HTTP request to the specified update endpoint. Add all fields that you want to modify in the ’cDataPayload’ object. Refer to the documentation to identify the fields that you can modify.
def main(partnerId, cardId, certificateId, utcTimestamp, requestId, endpoint): partnerPublicKey = getPublicKey("../cert/partner.crt") print(f"partnerPublicKey {partnerPublicKey}") samsungPublicKey = getPublicKey("../cert/samsung.crt") print(f"samsungPublicKey {samsungPublicKey}\n") partnerPrivateKey = getPrivateKey("../cert/private_key.pem") print(f"partnerPrivateKey {partnerPrivateKey}\n") authToken = generateAuthToken(partnerId, certificateId, utcTimestamp, partnerPrivateKey, cardId) print(f"authToken {authToken}\n") cDataPayload = {} # --- Add data here that you want to update. cDataPayload["cardTemplate"] = { "title": "Update Card tile", "countryCode": "KR", "saveInServerYn": "Y" } data = json.dumps(cDataPayload).encode('utf-8') cDataToken = generateCDataToken(partnerId, samsungPublicKey, partnerPrivateKey, certificateId, utcTimestamp, data) print(f"cDataToken: \n{cDataToken}\n") # --- Prepare JSON body (Python dictionary) --- c_data_json_body = { "ctemplate": cDataToken } # --- Build HTTP Request --- headers = { "Authorization": "Bearer " + authToken, "x-smcs-partner-id": partnerId, "x-request-id": requestId, "x-smcs-cc2": "KR", "Content-Type": "application/json" } # --- Execute HTTP Request --- try: response = requests.post(endpoint, json=c_data_json_body, headers=headers) response.raise_for_status() print("Wallet Card Template updated successfully: " + json.dumps(response.json())) except requests.exceptions.RequestException as e: print("Failed to update Wallet Card Template:") print(f"Error: {e}") if response: print("Response body:", response.text) Running the application
Download the sample project and open it with any IDE, then follow this process.
Configure: Update ‘PARTNER_ID’, ‘CERTIFICATE_ID’, and, crucially, ‘CARD_ID_TO_UPDATE’ in src/main.py with your actual credentials and the ID of the card you need to modify.
Place certificates: Ensure your partner.crt, samsung.crt and private_key.pem files are in the cert/ directory.
Install dependencies: Install all the required dependencies from the requirements.txt file.
pip install -r requirements.txt Execute: Run the main script from the terminal. python src/main.py If the request is successful, the specified card template in the Wallet Partners Portal is updated. The API returns the updated card ID with a success status, otherwise it returns an error. Find all the status codes in the '[Result]' section of the documentation.
Wallet Card Template updated successfully: { "cardId": "cardId", "resultCode": "0", "resultMessage": "UPDATE_SUCCESS" } Conclusion
By implementing the API to update an existing Samsung Wallet card template through this article, you can now automate and streamline the management of your card templates, ensuring that they always reflect the latest information.
References
For additional information on this topic, refer to the resources below.
Sample project code Create Samsung Wallet Card Templates Using the Server API Business Support for Special Purposes documentation View the full blog at its source
-
By Samsung Newsroom
Samsung Wallet Partners can create and update card templates to meet their business needs through the Wallet Partners Portal. However, if the partner has a large number of cards, it can become difficult to manage them using the Wallet Partners Portal website. To provide partners with more flexibility, Samsung provides server APIs so that partners can easily create and modify Samsung Wallet card templates without using the Wallet Partners Portal. With these APIs, partners can also create their own user interface (UI) or dashboard to manage their cards.
In this article, we implement the Add Wallet Card Templates API to create a card template for a Coupon in the Wallet Partners Portal. We focus on the API implementation only and do not create a UI for card management.
Prerequisites
If you are new to Samsung Wallet, complete the onboarding process and get the necessary certificates. As a Samsung Wallet Partner, you need permission to use this API. Only authorized partners are allowed to create wallet card templates using this API. You can reach out to Samsung Developer Support for further assistance. API overview
The REST API discussed in this article provides an interface to add wallet card templates directly from the partner's server. This API utilizes a base URL, specific headers, and a well-structured body to ensure seamless integration.
URL: This is the endpoint where the request is sent to create a new wallet card template.
https://tsapi-card.walletsvc.samsung.com/partner/v1/card/template Headers: The information provided in the headers ensures secure communication between the partner's server and Samsung's server.
Authorization: The Bearer token. See the JSON Web Token documentation for details. X-smcs-partner-id: This is your partner ID. The partner ID gives you permission to use the API. X-request-id: Use a randomly generated UUID string in this field. Body: The body must be in the JWT token format. Convert the payload data (card template in JSON format) into a JWT token.
For more details about the API, refer to the documentation.
Implementation of the API to create a card template
The Add Wallet Card Templates API allows you to add a new card template to the Wallet Partners Portal. You can also create the card in the portal directly, but this API generates a new card template from your server, without requiring you to launch the Wallet Partners Portal. Follow these steps to add a new card template.
Step 1: Extracting the keys
Extract the following keys from the certificates. These keys are used while generating the JWT token.
RSAPublicKey partnerPublicKey = (RSAPublicKey) readPublicKey("partner.crt"); RSAPublicKey samsungPublicKey = (RSAPublicKey) readPublicKey("samsung.crt"); PrivateKey partnerPrivateKey = readPrivateKey("private_key.pem"); Extracting the public keys
Use the following code to extract the partner public key and the Samsung public key from the partner.crt and samsung.crt certificate files, respectively. You received these certificate files during the onboarding process.
private static PublicKey readPublicKey(String fileName) throws Exception { // Load the certificate file from resources ClassPathResource resource = new ClassPathResource(fileName); try (InputStream in = resource.getInputStream()) { CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); X509Certificate certificate = (X509Certificate) certFactory.generateCertificate(in); return certificate.getPublicKey(); } } Extracting the private key
The following code extracts the private key from the .pem file you generated during the onboarding process. This key is needed to build the auth token.
private static PrivateKey readPrivateKey(String fileName) throws Exception { String key = new String(Files.readAllBytes(new ClassPathResource(fileName).getFile().toPath())); key = key.replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "").replaceAll("\\s", ""); byte[] keyBytes = Base64.getDecoder().decode(key); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(keyBytes)); } Step 2: Generating the authorization token
Samsung's server checks the authorization token of the API request to ensure the request is from an authorized partner. The authorization token is in the JWT format. Follow these steps to create an authorization token:
Building the auth header
Create an authHeader. Set “AUTH” as its payload content type to mark it as an authorization token. As you can create multiple certificates, use the corresponding certificate ID of the certificate that you use in the project. You can get the certificate ID from “My account > Encryption Management” of the Wallet Partners Portal.
// create auth header JSONObject authHeader = new JSONObject(); authHeader.put("cty", "AUTH"); authHeader.put("ver", 3); authHeader.put("certificateId", certificateId); authHeader.put("partnerId", partnerId); authHeader.put("utc", utcTimestamp); authHeader.put("alg", "RS256"); Creating the payload
Create the payload using the authHeader. Follow this code snippet to create the payload.
// create auth payload JSONObject authPayload = new JSONObject(); authPayload.put("API", new JSONObject().put("method", "POST").put("path", "/partner/v1/card/template")); authPayload.put("refId", UUID.randomUUID().toString()); Building the auth token
Finally, generate the authorization token. For more details, refer to the “Authorization Token” section of the Security page
private static String generateAuthToken(String partnerId, String certificateId, long utcTimestamp, PrivateKey privateKey) throws Exception { // create auth header // create auth payload // return auth token return Jwts.builder() .setHeader(authHeader.toMap()) .setPayload(authPayload.toString()) .signWith(privateKey, SignatureAlgorithm.RS256) .compact(); } Step 3: Generating a payload object token
The request body contains a parameter named “ctemplate” which is a JWT token. Follow these steps to create the “ctemplate.”
Creating the card template object
Select the proper card template you want to create from the Card Specs documentation. Get the payload object as JSON format. Now create the JSONObject from the JSON file using the following code snippet.
// creating card template object JSONObject cDataPayload = new JSONObject(); cDataPayload.put("cardTemplate", new JSONObject() .put("prtnrId", partnerId) .put("title", "Sample Card") .put("countryCode", "KR") .put("cardType", "coupon") .put("subType", "others") .put("saveInServerYn", "Y")); Generating the JWE token
Create the JWE token using the following code snippet. For more details about the JWE format, refer to the “Card Data Token” section of the Security page.
// JWE payload generation EncryptionMethod jweEnc = EncryptionMethod.A128GCM; JWEAlgorithm jweAlg = JWEAlgorithm.RSA1_5; JWEHeader jweHeader = new JWEHeader.Builder(jweAlg, jweEnc).build(); RSAEncrypter encryptor = new RSAEncrypter((RSAPublicKey) samsungPublicKey); JWEObject jwe = new JWEObject(jweHeader, new Payload(String.valueOf(cDataPayload))); try { jwe.encrypt(encryptor); } catch (JOSEException e) { e.printStackTrace(); } String payload = jwe.serialize(); Building the JWS header
Next, follow this code snippet to build the JWS header. Set “CARD” as the payload content type in this header.
// JWS Header JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.RS256) .contentType("CARD") .customParam("partnerId", partnerId) .customParam("ver", 3) .customParam("certificateId", certificateId) .customParam("utc", utcTimestamp) .build(); Building the JWS token
Generate the JWS token from the previously generated JWE token and, finally, get the “ctemplate” JWT. Follow the “JWS Format” section of the Security page.
private static String generateCDataToken(String partnerId, PublicKey partnerPublicKey, PublicKey samsungPublicKey, PrivateKey partnerPrivateKey, String certificateId, long utcTimestamp) throws Exception { // creating card template object // JWE payload generation // JWS Header // JWS Token generation JWSObject jwsObj = new JWSObject(jwsHeader, new Payload(payload)); RSAKey rsaJWK = new RSAKey.Builder((RSAPublicKey) partnerPublicKey) .privateKey(partnerPrivateKey) .build(); JWSSigner signer = new RSASSASigner( ); jwsObj.sign(signer); return jwsObj.serialize(); } Step 4: Building the request
As all of the required fields to create the request have been generated, you can now create the request to add a new template. Follow the code snippet to generate the request.
private static Request buildRequest(String endpoint, String partnerId, String requestId, String authToken, String cDataToken) { // Prepare JSON body JSONObject cDataJsonBody = new JSONObject(); cDataJsonBody.put("ctemplate", cDataToken); RequestBody requestBody = RequestBody.create( MediaType.parse("application/json; charset=utf-8"), cDataJsonBody.toString() ); // Build HTTP Request Request request = new Request.Builder() .url(endpoint) .post(requestBody) .addHeader("Authorization", "Bearer " + authToken) .addHeader("x-smcs-partner-id", partnerId) .addHeader("x-request-id", requestId) .addHeader("x-smcs-cc2", "KR") .addHeader("Content-Type", "application/json") .build(); return request; } Step 5: Executing the request
If the request is successful, a new card is added to the Wallet Partners Portal and its “cardId” value is returned as a response.
private static void executeRequest(Request request) { // Execute HTTP Request try (Response response = client.newCall(request).execute()) { if (response.isSuccessful()) { System.out.println("Wallet Card Template added successfully: " + response.body().string()); } else { System.out.println("Failed to add Wallet Card Template: " + response.body().string()); } } } Implement as a server
At this point, you can add a webpage UI for creating card templates and deploy it as a web service. In this sample project, there is no UI added. But, you can deploy this sample as a web service and test it.
Conclusion
This tutorial shows you how you can create a new Samsung Wallet card template directly from your server by using a REST API. Now that you can implement the API, you can add a UI and make it more user-friendly. Also implement the Updating Wallet Cards Templates API for better card management.
References
For additional information on this topic, refer to the resources below:
Sample project code. Business Support for Special Purposes documentation. View the full blog at its source
-
By Samsung Newsroom
The previous tutorial, Implementing "Add to Wallet" in an Android Application, showed how to generate and sign a card data token to add the card to Samsung Wallet. This tutorial demonstrates how you can perform server interactions with the Samsung Wallet server and retrieve information such as the card states on a user’s device.
If you are a Samsung Wallet partner who is offering Samsung Wallet cards to your users, you might also want to know how you can track a provided wallet card’s status on a user’s device. Follow along in this tutorial to learn how you can utilize the Send Card State API and retrieve this information to your own server. All code examples used in this tutorial can be found within the sample code provided at the end of this tutorial for further reference.
Card states and the Send Card State API
The Samsung Wallet card’s status on a user’s device is represented by various states, such as ADDED, UPDATED, or DELETED.
Whenever the card state of a card changes on a user’s device, Samsung Wallet server sends a notification to the configured partner server informing about the change. This API provided by Samsung is called the Send Card State API.
Figure 1: Samsung Wallet Card state changes Samsung provides the Send Card State API as a means of server-to-server communication between the Samsung server and the partner’s server and to let the partner know about the card state of their issued cards on user’s devices. With this API, partners can track the state of a wallet card on a user’s Samsung Galaxy device.
Prerequisites
Before you can test the Send Card State API, you need to:
Complete the Samsung Wallet onboarding process. Create a Samsung Wallet card template. Launch the wallet card template and have it in VERIFYING or ACTIVE status so that the card can be added to a user’s device. Have an existing server to receive the notifications. You can use CodeSandbox or a similar online hosting service for testing. Configure your firewall (if you use any) to accept incoming connections from the Samsung Wallet server (34.200.172.231 and 13.209.93.60). When you have completed all the prerequisites, proceed to the next step to configure your wallet card template to send requests to your server.
Configure the Wallet card template for the Send Card State API
To receive the Send Card State notifications on your server, you need to set your server’s URL in the desired Samsung Wallet card’s options:
Go to the Wallet Partners Portal. From the Wallet Cards dropdown, select “Manage Wallet Card.” Click the name of the wallet card. Click “Edit” and then scroll down to the “Partner Send card state” section to modify the Partner server URL. Click “Save” to set the partner server URL for the card. Figure 2: Partner Send card state URL input field Now, whenever a user adds or deletes an issued Samsung Wallet card to their device, the Samsung Wallet server automatically sends a POST notification to the Partner server URL set in the Wallet Partners Portal. Next you need to learn about the specification of the request so that you can handle it from the server.
Send Card State API specification and format
For a complete description of the Send Card State API specification, see Samsung Wallet documentation.
Request method
The Send Card State API uses a POST method to send a request to the server. The API path for the request is fixed and uses the partner server URL that you defined in section “Configure the Wallet card template for the Send Card State API.”
API path and URL parameters
The API path at the very end of the "Partner Send card state" section is the path where the Samsung server sends the Send card state POST request. So the complete API path URL is: {Partner server URL}/cards/{cardId}/{refId}?cc2={cc2}&event={event}.
Here, cardId is the Card ID of the wallet card template and refId is the reference ID field of the issued card data, which is a unique identifier. The cc2 query parameter is the 2-letter country code (ISO 3166-1 alpha-2) and event is the card state event (ADDED, DELETED, or UPDATED) occurring in the user’s device.
Consider the following example card configuration:
Partner server URL: https://partner.server.url Card id: 123 Ref id for the issued card: abc Country code: US In this configuration, whenever the user adds the card to their Samsung Wallet application, the Samsung Wallet server sends a Send card state notification to the following URL:
https://partner.server.url/cards/123/abc?cc2=US&event=ADDED.
Similarly, if a user from the United Kingdom deletes a card with the refId xyz, the POST request is sent to https://partner.server.url/cards/123/xyz?cc2=GB&event=DELETED.
Therefore, you can know if a card was added or removed from the user’s device directly from the query parameters.
POST request body
The POST request body does not contain any information regarding the card state. Rather it just provides a callback URL that you can use if you want to send an update notification for the card.
{ "callback": "https://us-tsapi.walletsvc.samsung.com" } POST request header
The POST request header contains all the required information for ensuring the authenticity of the request. It contains a request ID with the name “x-request-id” and a JWT bearer token credential for authentication with the name “Authorization” in the header.
The Samsung Wallet server uses a bearer authorization token to ensure the authenticity of the requests being sent to the partner server. For details of the security factors, see Authorization Token.
The bearer token is encoded in base64 following the JWT specification. It has three parts: JWS Header containing authentication related information, JWS Payload containing the API path, method, and refID, and JWS Signature, which validates that the bearer token is signed by the Samsung server.
JWS Header format:
{ "cty": "AUTH", // Always “AUTH” "ver": "3", // Can also be “2” for legacy card data token "partnerId": "4048012345678938963", // Your partner ID "utc": 1728995805104, // Time of signing in milliseconds "alg": "RS256", "certificateId": "A123" // Only provided for token version 3 } JWS Payload format:
{ "API": { "path": "/cards/3h844qgbhil00/2e19cd17-1b3e-4a3a-b904?cc2=GB&event=ADDED", "method": "POST" }, "refId": "2e19cd17-1b3e-4a3a-b904-f30dc91ac264" } Finally, the bearer token contains a signature to verify the token. This is signed using the Samsung Private Key and can be validated using the Public Key provided by Samsung Wallet during the onboarding process.
After receiving any request from the Samsung Wallet server, your server should send back an HTTP status code as a response. Samsung Server expects one of the following codes as a response:
200 OK 401 Unauthorized 500 Internal Server Error 503 Service Unavailable This is the complete specification of the Send Card State API that you need to be aware of before you implement the server.
Next, you need to configure your server to accept the POST request in the specified format.
Configure the Spring server to receive the POST request
To receive and interpret the Send Card State POST notifications sent by the Samsung Wallet server, you need to configure a partner server and host the server at the URL you specified earlier.
To receive the POST requests, this tutorial extends an existing server created using the Spring Boot framework. If you want to know how the Spring server is configured, check out the “Generate signed Wallet card data” section in the Implementing "Add to Wallet" in an Android Application tutorial. This CData generation server is used as the base server application for this tutorial, so the dependencies are the same as well. Now you can start implementing the tutorial.
Create a controller class to intercept the POST request
Samsung Wallet always sends the Send card state POST notification to the fixed API path URL: {Partner server URL}/cards/{cardId}/{refId}.
Create a new controller class in your Spring server to intercept any POST request that is sent to this API path. @RestController @RequestMapping("/cards") class CardStateController { @PostMapping(path = ["/{cardId}/{refId}"]) fun handleCardState(@PathVariable cardId: String, @PathVariable refId: String): HttpStatusCode { // Implement your logic here to process the card state. println("Received card state notification for card ID $cardId and reference ID $refId.") return HttpStatus.OK } } Run the server and then add or delete a card from your Samsung Wallet. If the partner server URL was set correctly in section “Configure the Wallet card template for the Send Card State API,” your server should receive a POST request from the Samsung server and print the following message to the console: “Received card state notification.”
Update the controller class to receive the query parameters
Handle the query parameters from the request by adding the following parameters as the function’s parameters: @RequestParam("cc2") cc2: String, @RequestParam("event") event: String Receive and print the request body using the @RequestBody body: String parameter. The function should now look like this:
@PostMapping(path = ["/{cardId}/{refId}"], params = ["cc2", "event"]) fun handleCardState(@PathVariable cardId: String, @PathVariable refId: String, @RequestParam("cc2") cc2: String, @RequestParam("event") event: String, @RequestBody body: String): HttpStatusCode { // Implement your logic here to process the card state. println("Country code: $cc2") println("Wallet Card State Event: $event") println("Request body: $body") return HttpStatus.OK } Now whenever the Samsung server sends a request to the server, it prints the device’s country code and the wallet card’s state event on the device.
Verify the POST request
This is the final and the most important step of this tutorial. Before accepting any incoming POST request, you should always validate the request by following the API specification mentioned earlier in the tutorial.
The security procedures can include but are not limited to:
Matching your PartnerID with the received partnerId custom parameter. Checking the token version with the ver custom parameter. For token version 3, match your CertificateID using the certificateId custom parameter. Checking the time of signing using the utc custom parameter. Matching the other JWS Header parameters with the values mentioned in the specification. Matching the Path from the JWS Payload with the received URL. Verifying the JWT. This section shows how you can implement each of these one by one.
First, parse the authentication token and read the header.
val signedJWT : SignedJWT = SignedJWT.parse(authToken) val jwsHeader : JWSHeader = signedJWT.header Match PartnerId and JWS Header parameters:
val ownPartnerId = "4048012345678938963" // Your partner ID from Samsung Wallet Partner Portal val receivedPartnerId = jwsHeader.customParams["partnerId"] val cType = jwsHeader.contentType val alg = jwsHeader.algorithm.name // Check if the JWS header parameters match the expected values if (cType == "AUTH" && alg == "RS256" && receivedPartnerId == ownPartnerId ) { println("JWS Header parameters matched") // Proceed with further verification } Check the token version and match CertificateId:
val ver = jwsHeader.customParams["ver"] val ownCertificateId = "A123" // Your certificate ID from Samsung Wallet Partner Portal val receivedCertificateId = jwsHeader.customParams["certificateId"]?: "" // If partner uses token version 3 in the JWS header of the CDATA, // Then Samsung server also returns version 3 response along with the certificate ID if(ver == "3" && receivedCertificateId == ownCertificateId){ println("JWS Header certificate ID matched") // Proceed with further verification } Check if the token was generated recently:
// Check if the timestamp is within acceptable range val utc = jwsHeader.customParams["utc"] as Long val timeDelta = System.currentTimeMillis() - utc println("Time Delta: $timeDelta") if (timeDelta < 600000L) { println("UTC Timestamp is within last 1 minute. Time delta = $timeDelta ms.") // Proceed with further verification } Match the API path with the received API path from the payload:
val receivedAPIValue = signedJWT.payload.toJSONObject()["API"]?.toString()?: "" val receivedAPIPath = receivedAPIValue.substring(6, receivedAPIValue.length - 14) val expectedPath = "/cards/$cardId/$refId?cc2=$cc2&event=$event" // Match the path in the payload with the expected path if (receivedAPIPath == expectedPath) { println("Path matched") // Proceed with further verification } Finally, validate the token using the Samsung Certificate provided to you during the onboarding process:
Read the Samsung Certificate from a file and then extract the public key. For instructions, refer to the CData generation server sample code at Implementing "Add to Wallet" in an Android Application. Build an RSAKey object using the extracted public key. Create an RSASSAVerifier object with the RSAKey to verify the token. Verify the token using the verifier. // Verify the signature of the JWT token using the public key provided by Samsung Wallet. val samsungPublicKey = readCertificate(getStringFromFile("sample/securities/Samsung.crt")) val rsaKey = RSAKey.Builder(samsungPublicKey as RSAPublicKey).build() val verifier: RSASSAVerifier = RSASSAVerifier(rsaKey) if(signedJWT.verify(verifier)){ println("Verification successful") // Implement your logic here to process the card state notification. // For example, you can update the card status in your database or trigger a notification to the user. // In this example, we simply return a 200 OK response indicating that the notification was successfully processed. return HttpStatus.OK } else { println("Verification Failed") // Return an appropriate HTTP status code indicating that the notification could not be verified. return HttpStatus.UNAUTHORIZED } Now the complete implementation of the Controller class to receive and verify the Send card state request is complete. Once a Send card state request is completely verified, you can accept the request as a valid card state update and make any changes as required. For example, you can update the card status information in your own database or trigger a notification to the user.
Summary
By completing this tutorial, you are now able to receive card state updates from the Samsung Wallet server using the Send Card State API and validate them. In a future tutorial, we will discuss how you can expand the server interaction functionality even further and how you can update Samsung Wallet card information on user devices through the Get Card Data API.
If you want to discuss or ask questions about this tutorial, you can share your thoughts or queries on the Samsung Developers Forum or contact us directly for any implementation-related issues through the Samsung Developer Support Portal. If you want to keep up-to-date with the latest developments in the Samsung Developers Ecosystem, subscribe to the Samsung Developers Newsletter.
Sample Code
You can click on the link given below to download the complete sample code used in this tutorial.
Wallet Card State Server Sample Code (55 KB) Dec 2024 Additional resources
Implementing "Add to Wallet" in an Android Application Send Card State Authorization Token ISO 3166 Country Codes View the full blog at its source
-
By Samsung Newsroom
Samsung Wallet is introducing a new feature called "Generic Card" for partners who cannot use other card types to fulfill their business requirements. This provides flexibility to modify various field labels for the card, according to the partners’ business needs.
Other cards, such as boarding passes and coupons serve a specific purpose, and their field labels cannot be modified. However, with a generic card, the label can be modified so it can be used for multiple purposes.
In this article, you learn how to modify a generic card to use it as an insurance card. We will explain the details specification with example of the generic card. At the end of the article a guide will be provided to implement this card for your reference, to help you modify your generic card according to your needs.
Card setup
Before you begin creating a new card template, log in to the Samsung Wallet Partner site and create a generic card.
Log in to the Samsung Wallet Partner site. Go to the Wallet Cards and then Create Wallet Card. For more details about creating a card, check the Manage Wallet Cards documentation. Select Generic Card from the available card templates. Modify the card information. When you have finished editing card information, launch the card to complete card setup. For more information on how to launch the card, see Launch Wallet Cards.
Template editor
Use the template editor to modify the card template.
From the "CardArt" view, you can modify the card color, set a background image or change the logo image properties. From the "Enlarge" view, you can modify the {{text1}} and {{text2}} labels. However, only the label itself can be changed in the Template Editor. To set the label value, you need to update the JSON file. From the "Detail" view, you can modify the "TextGroup" and "AppLink" properties. Modify the text label according to your needs. It is also possible to add new text fields, with a maximum of 12 text fields allowed. After every modification, click Save. Finally, apply all changes by clicking Apply. If you want to preview your changes, just click Preview.
Add to Samsung Wallet
Now that the card has been created in the site, it is ready to be distributed to fulfill your business needs.
Implement the "Add to Samsung Wallet" functionality to the platform where you are planning to distribute the cards. When users click "Add to Samsung Wallet," the card is added to the Wallet application on the user’s Galaxy device. This functionality can be added through the application/mobile web, MMS, or email. Additionally, you can use a QR code on a computer web browser and KIOSK. Samsung provides a Codelab guide for developers so that they can easily understand the implementation. For additional information on the Codelab guide, read Utilize the Add to Samsung Wallet service for digital cards. Further details can also be found in the Implementing ATW button documentation. Card specifications
To complete the "Add to Samsung Wallet" button implementation, you must generate the Card Data token and create a final URL. For more information, see Add to Samsung Wallet. Let’s start by reviewing the generic card specifications to generate the Card Data token. The generic card follows the specifications below. For more information on them, see the Generic Card section.
Name
Description
Title
The main title of the generic card. In the sample card, the title is "Card Title." In the image below, the title is "Insurance Identification Card."
Subtitle
The subtitle of the generic card. In the sample card, it is "Card Subtitle".
providerName
Use this field to set the card provider name. For more information, check the Card JSON Example below. However, the provider name depends on your card type and should be modified accordingly.
eventId
Enter an ID as an event identifier. In case your card is prepaid, for example a gift card, or if you have vouchers to events, such as concerts, it is possible to define an event ID. For instance: "event-001".
groupingId
Enter an identifier to group related cards.
startDate
Enter the starting date and the epoch timestamp in milliseconds.
startDate.relativeNotiTime
Enter the amount of time within which you want to provide a notification to the user. The notification time is the relative time from the startDate. The value can be up to 2880 milliseconds.
endDate
Enter the end date and the epoch timestamp in milliseconds.
endDate.relativeNotiTime
Enter the amount of time within which you want to provide a notification to the user. The notification time is the relative time from the endDate. The value can be up to 2880 milliseconds.
logoImage
Set the logo image URL. The file size must not exceed 256 KB. Also this image can be set from the Template Editor.
logoImage.darkUrl
Set the logo image URL for the dark mode. The file size must not exceed 256 KB.
logoImage.lightUrl
Set the logo image URL for the light mode. The file size must not exceed 256 KB.
bgImage
Set the background image URL. The file size must not exceed 512 KB.
text{i}
Set the label-text value that should be displayed for each field containing the details of your card. The label is defined in the Template Editor, shown in the image below.
To set the value of the label, update the JSON file.
image{i}
Enter the image URL, such as: "https://www.samsung.com/images/image1.png". This URL is just an example, you must update it according to your needs. This field only works in Generic Card Type3. We have used a Type1 card in the example. So this field in the example JSON has no effect on the card. You can find all three card type sample UIs here.
image{i}.lightUrl
Enter the image URL in light mode, such as: "https://www.samsung.com/images/light.png". This URL is just an example, you must update it according to your needs.
image{i}.darkUrl
Enter the image URL in dark mode, such as: "https://www.samsung.com/images/dark.png". This URL is just an example, you must update it according to your needs.
serial{i}
Set the serial for barcode or QR code.
serial{i}.serialType
Serial presentation type. For more information on the Presentation Types (serialType), see References.
serial{i}.ptFormat
Set the presentation format. For more details on the presentation formats (ptFormat), see References.
serial{i}.ptSubFormat
Set the presentation subformat here. For more details on the barcode formats (ptSubFormat), see References.
serial{i}.errorCorrectionLevel
Set the error correction levels in this field. The amount of redundancy or error correction data included in the code varies. QR codes offer four levels of error correction: L, M, Q, and H. The QR field looks like the following in your card:
privacyModeYn
Set the user authentication if required. Set the value to "Y" or "N"
bgColor
Set the card art color.
fontColor
Set the card art font color.
noNetworkSupportYn
Set the value to "Y" to open the wallet card when under the "No network" status. Otherwise, set the value to "N"
noticeDesc
Set the the notice description here. See the image below of how it is added to card.
appLinkLogo
Add the application link logo URL in this field.
appLinkName
Add the application link name in this field.
appLinkData
Add the application link URL in this field.
locations
List of locations where the card will be used. This information can be used to provide location-based services. Samsung Wallet can use this information to show maps, names of places, and addresses. For more information on the locations field and JSON format, check References.
Card JSON example
In previous sections, you have learned about the card specifications. Next, let’s implement the generic card fields according to your needs. In this section, as the aim is to create an insurance card, you must use the fields accordingly.
Samsung provides a specifically formatted JSON structure. You need to configure the card data objects within the structure’s data array. For more details, see the Generic Card section.
{ "card": { "type": "generic", "subType": "others", "data": [ { "createdAt": 1709712961000, "updatedAt": 1709712961000, "language": "en ", "refId": "933533e1-9284-461c-905f-bc177526a8d1", "attributes": { "title": "Insurance Identification Card", "subtitle": "Insurance Card", "providerName": "Samsung Insurance Co.", "eventId": "1", "groupingId":"1", "startDate": 1731299205000, "startDate.relativeNotiTime": 500, "endDate": 1731320805000, "endDate.relativeNotiTime": 400, "logoImage": "https://us-cdn-gpp.stg.mcsvc.samsung.com/mcp25/resource/2023/12/20/55ea769f-d14d-4c47-94cc-50cade36cdd9.png", "logoImage.darkUrl": "https://us-cdn-gpp.stg.mcsvc.samsung.com/mcp25/resource/2023/12/20/55ea769f-d14d-4c47-94cc-50cade36cdd9.png", "logoImage.lightUrl": "https://us-cdn-gpp.stg.mcsvc.samsung.com/mcp25/resource/2023/12/20/55ea769f-d14d-4c47-94cc-50cade36cdd9.png", "bgImage": "", "text1": "1234567", "text2": "Samsung Insurance Co.", "text3": "Jaqueline M", "text4": "Samsung Motors 2014 Galaxy5", "text5": "11SAM23SUNG3T", "text6": "(031)000-1235", "image1": "https://us-cdn-gpp.mcsvc.samsung.com/mcp25/resource/2024/3/5/b9445e3f-2ef5-4d81-9fca-b7a8a7cd599f.png", "image1.darkUrl": "https://us-cdn-gpp.mcsvc.samsung.com/mcp25/resource/2024/3/5/b9445e3f-2ef5-4d81-9fca-b7a8a7cd599f.png", "image1.lightUrl": "https://us-cdn-gpp.mcsvc.samsung.com/mcp25/resource/2024/3/5/b9445e3f-2ef5-4d81-9fca-b7a8a7cd599f.png", "serial1.value": ">1180MM2241B7C 0000000000000298060000000000 0 090870907 ", "serial1.serialType": "QRCODE", "serial1.ptFormat": "QRCODE", "serial1.ptSubFormat": "QR_CODE", "serial1.errorCorrectionLevel": "M", "privacyModeYn": "Y", "bgColor": "#3396ff", "fontColor": "#FFFFFF", "noNetworkSupportYn": "N", "noticeDesc": "{\"count\":2,\"info\":[{\"title\":\"NOTICE1\",\"content\":[\"DESCRIPTION1\",\"DESCRIPTION2\"]},{\"title\":\"NOTICE2\",\"content\":[\"DESCRIPTION1\",\"DESCRIPTION2\"]}]}", "appLinkLogo": "https://www.samsung.com/logo.png", "appLinkData": "https://www.samsung.com/", "appLinkName": "Samsung Insurance Co.", "locations": "[{\"lat\": 37.2573276, \"lng\": 127.0528215, \"address\": \"Suwon\", \"name\": \"Digital City\"}]" } } ] } } Generic card testing with the "Add to Wallet" test tool
Now, you can test the generic card with the "Add to Wallet" test tool provided by Samsung. Just follow these steps:
Sign in to the Add to Wallet test tool. For more information, see the Samsung Wallet Test Tool. Enter the private key in the "Enter Partner Private Key" field. In this tool, you find all cards that you have created from the Samsung Wallet Partner site in the "Select Card" section. For more information, see the Samsung Wallet Partner site. Select the generic card that you have just created. Now select JSON from the Data field and modify the existing JSON data fields according to the card specification details. After modifying the JSON data fields, check if the JSON is valid. Finally, if the private key is valid, the "Add to Samsung Wallet" button becomes active at the bottom of the page. Then, just click Add to Samsung Wallet to finish adding the generic card. If you use the provided example JSON and add the card to the wallet, the card looks like the following:
Server integration
In this step, server configuration is needed because the generated JWT token expires after 30 seconds. Developers are advised to only generate this token after a user has clicked the "Add to Wallet" button. As you have already performed testing with the "Add to Wallet" test tool, you need to configure your server.
For more information on the implementation of both the "Add to Samsung Wallet" button and server-side logic, see Implementing "Add to Wallet" in an Android Application. This article explains how you can distribute your card with your Android application and how to generate the JWT token at runtime, after pressing the "Add to Samsung Wallet" button.
Conclusion
You have now learned the basics for how to set up a generic card and test it for your business needs. In case you have further questions, contact Samsung Developer Support.
Related resources
Utilize the Add to Samsung Wallet service for digital cards Introduce Loyalty Cards to Your Application with Samsung Wallet Implementing "Add to Wallet" in an Android Application Seamlessly Integrate "Add to Wallet" for Samsung Wallet View the full blog at its source
-
-
By Samsung Newsroom
Samsung Electronics today announced the official launch of its Visual eXperience Transformation (VXT) Platform, a cloud-native Content Management Solution (CMS) combining content and remote signage management on one secure platform. Designed with ease-of-use in mind, the all-in-one solution allows businesses to easily create and manage their digital displays.
“Cloud migration is an unstoppable trend,” said Alex Lee, Executive Vice President of Visual Display Business at Samsung Electronics. “VXT is an innovative step toward this migration in that it makes high-tech signage more readily accessible, no matter where our customers are. But not only is high-tech signage accessible, the content and remote management solutions VXT provides are user-friendly.”
Efficient Cloud-Native Solution for All Business Needs
Samsung VXT is the next evolution of CMS software from MagicINFO, delivering an enhanced cloud-native solution tailored for seamless content creation and management of all B2B displays — including LCD, LED signage and The Wall. VXT streamlines the deployment and updating of software directly via a cloud portal, which eliminates the cumbersome process of manual updates. Registration of devices is designed for efficiency, as well, with a simple 6-digit pairing code that allows for quick and secure setup.
By streamlining digital signage operations and management, VXT offers a versatile solution that meets the needs of any sector, whether it be retail, hospitality, food and beverage or corporate. The solution has already received recognition from prominent partners such as Hy-Vee’s retail media network, RedMedia, which uses VXT CMS to manage a network of over 10,000 Samsung smart signage screens — including the QBR-Series, which has been installed across all of Hy-Vee’s grocery stores and retail locations.
Intuitive Content and Screen Management
Unlike other CMS solutions, VXT is a turnkey solution developed by Samsung that allows users to seamlessly create content and manage screens in one application. It consists of three CMS modules: VXT CMS, VXT Canvas1 and VXT Players, and each module makes content creation and screen management easier than ever:
VXT CMS: Content management is simplified through an intuitive interface that simultaneously handles content, playlists and schedules. The remote management feature allows real-time management of multiple devices. Additionally, robust security features — such as private certificates and allowing customizable security solutions for every business need. VXT Canvas: What You See is What You Get (WYSIWYG)-based creative tools that enable anyone to create content effortlessly and more intuitively with support for various templates, widgets and partner content. Users can create original content with custom and company fonts, as well as templates and images pre-loaded on the system for added convenience. VXT Players: VXT supports Tizen and Android-based players,2 while also managing multiple web elements simultaneously on one screen. Additionally, a web-based virtual screen allows users to easily view and manage their signage deployments.
VXT also combines content, solutions and expertise of third-party system integrators, software developers and content partners to provide users with access to an even broader range of incredible content, specific to vertical use cases, without the need for additional customization or development.3 Some of the notable Pre-Integrated Repeatable Solutions (PIRS) include:
VXT Art: Users can access a diverse library of artwork and photos with just a few clicks, and content from various art museums and galleries can be used across businesses ranging from office spaces to restaurants and beyond. Link My POS: This solution enabled by Wisar Digital allows businesses to use VXT Canvas to pull product data from Point Of Sale (POS) systems, eliminating the need to manually enter data or export data. Link My POS improves overall efficiency and reduces pricing errors, which in turn saves time and money. Ngine Real Estate: This solution developed through a partnership with Ngine Networks lets businesses display properties that are for sale or rent by using VXT to forego re-entering data when connecting directly to their platforms. Ngine Automotive: Cars, bikes and boats can be listed as for sale or rent by connecting directly to business displays, without needing to enter information. Messages can be resumed on social network platforms, as well. This solution has also been achieved by partnering with Ngine Networks.
Seamlessly Control and Manage from Anywhere
By offering compatibility with both desktop and mobile devices4, Samsung VXT revolutionizes content management because it caters to both the advanced needs of desktop users and the convenience required by mobile users. This flexibility allows users to manage their content anytime, anywhere.
Furthermore, VXT is designed to substantially reduce downtime in digital signage operations. Through advanced modular architecture, VXT isolates and minimizes the impact of any potential failures, allowing users to swiftly address disruptions. VXT also comes with an early warning feature, which detects potential issues — such as extreme temperature changes or network instability — and alerts customers before failure occurs. This offers greater peace of mind by allowing users to take preemptive actions or speed up the recovery time.
VXT’s energy management tool offers an at-a-glance view of energy consumption levels, as well. Customers can optimize their energy use based on monthly insights and adjust settings like brightness levels and automatic on/off times accordingly.
Availability
Samsung will hold a global launch event of VXT on January 31 at Integrated Systems Europe (ISE) 2024 in Barcelona. Designed as an omni-channel service, VXT will be accessible through various subscription plans, including both monthly and annual options. Customers can also make offline purchases through existing B2B sales channels worldwide, while online purchases will initially be made available in the U.S. before a subsequent global rollout in 2024. Prospective users can take advantage of a 60-day free trial before subscribing.
For more information on Samsung’s VXT platform, please visit https://vxt.samsung.com.
1 VXT CMS and VXT Canvas supported on Chrome browser only.
2 VXT is compatible with Android devices running Android 10 or higher, and with Tizen devices on Tizen 6.5 or higher.
3 For PIRS partner content, additional subscription payment is required.
4 VXT CMS and VXT Canvas supported on Chrome browser only.
View the full article
-
-
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.