# Table of contents:

• Introduction
• Procedure
  • Initial USR Exchange
  • Passport Authentication
  • Subsequent USR Exchange

# Introduction

TWN (Tweener) is a authentication scheme available in MSNP8 to MSNP14.

Instead of sending the password directly over the notification session, TWN clients authenticate by using a ticket supplied by the notification server to obtain a Passport Compact Token from a compatible HTTPS web service (see below).

# Procedure

# Initial USR Exchange

The client sends the initial USR request, and the server responds with an authentication policy:

C: USR TrID TWN I user-handle
S: USR TrID TWN S policy

Where user-handle is the handle (e-mail address) the client is authenticating with.

Where policy is the authentication policy. This string is opaque to the client and does not have a guaranteed format, although the official servers supplied comma-separated {key}={value} tickets.

# Passport Authentication

Using the provided authentication ticket, the client should now authenticate with Passport to retreive a Passport Compact Token. This can be done via one of the following web services:

• Passport SSI 1.4 (Used in Client Versions 5.0.0124 to 7.0.0820)
• Passport SOAP (RST) (Used in Client Version 7.5.0160 and above)

The token must be requested for messenger.msn.com (site ID 507 or policy MBI).

# Subsequent USR Exchange

The client completes the authentication flow by sending the Passport Compact Token to the Notification Server (NS):

C: USR TrID TWN S compact-token
S: USR TrID OK (...)