In this example Tectia Server (S) uses an external application (C) to check if user with the id 45678 and user name jbrown from the IP address 192.0.2.2 in domain abc.example.com is allowed access. The application gives a negative response:

C: version:1
S: version:1
S: request:1
S: user=45678:jbrown
S: addr-ip=192.0.2.2
S: addr-fqdn=abc.example.com
S: end-of-request:1
C: request:1
C: failure:jbrown not allowed from that subnet.