/auth/listApplications
Parameters:
{
"return":["id","name"]
}
Response:resetLogon
{
"error":0,
"result":
{
"total":2,
"rows":
[
{
"id":"aid1",
"name":"application 1"
},
{
"id":"aid2",
"name":"application 2"
}
]
}
}
/auth/listDomains
Parameters:
{
"application":
{
"id":"appid"
},
"return":["id","name"]
}
Response:
{
"error":0,
"result":
{
"total":2,
"rows":
[
{
"id":"domain id 1",
"name":"domain 1"
},
{
"id":"domain id 2",
"name":"domain 2"
}
]
}
}
/auth/listAuthenticators
List authenticators in the specified logon step.
Parameters:
{
"step": 1// step is 1-based
"application":
{
"id":"appid"
},
"user":
{
"domain.id":"domainid",
"loginName":"login name"
}
}
Response:
{
"error":0,
"result":
{
"total":2,
"rows":
[
{"code":"OTP", "name":"One-Time Password"},
{"code":"OTPoD", "name":"On-Demand Password"}
]
}
}
/auth/getLogonSteps
Parameters:
{
"application":
{
"id": "appid"
},
"user":
{
"loginName": "user login name"
},
"return":["name","challengResponse","authenticators"]
}
Response:
{
"error":0,
"result":
{
"total":2,
"rows":
[
{
"name": "step 1",
"challengResponse": false,
"authenticators":
[
{"code":"OTP", "name":"One-Time Password"}
]
},
{
"name": "step 2",
"challengResponse": false,
"authenticators":
[
{"code":"SPASS", "name":"Static Password"}
]
}
]
}
}
/auth/listTokenAssignments
Examples:
The following example will list all OOBA tokens:
Method: /auth/listTokenAssignments
Parameters:
{
"application":
{
"id":"appid"
},
"user":
{
"id":"userid"
},
"token":
{
"product.functions":"OOBA"
},
"return":
[
"id", "status",
{"token":["id","serial","oobDeviceModel","oobDeviceType"]}
]
}
Response:
{
"error":0,
"result":
{
"total":1,
"rows":
[
"id":"dda5f3744f7d7750676acc24f31fe1287085872ff856224655bf55ec501fa2ba","status":"ACTIVE",
"token":
{
"id":"bc650db324ef8e2873444e9e1001ac07",
"serial":"110000035",
"oobDeviceModel":"Xiaomi M2007J20CG",
"oobDeviceType":"Android"
}
]
}
}
/auth/logon
Examples 1: OTP login
Method:/auth/logon
Parameters:
{
"application":
{
"id":"appid"
},
"remoteIp": "xxx.xxx.xxx.xxx", // client IP Address
"user":
{
"id":"userid"
},
"token":
{
"serial":"10000000"
},
"credential":
{
"otp":"123456",
//"cc":"121212" // if verifyResponse is required
}
}
Examples 2: OOBA login
Method: /auth/logon
Parameters:
{
"application":
{
"id":"appid"
},
"user":
{
"id":"userid"
},
"token":
{
"serial":"110000035"
},
"credential":
{
"method":"OOBA",
"tokenId":"bc650db324ef8e2873444e9e1001ac07",
}
}
Response:
{
"error":0
}
/auth/logout
Examples:
Method:/auth/logout
Parameters:
{
}
Response:
{
"error":0
}
/auth/verify
Examples:
Method:/auth/verify
Parameters:
{
"remoteIp": "xxx.xxx.xxx.xxx", // client IP Address
"user":
{
"id":"userid"
},
"token": // optional
{
"serial":"10000000"
},
"credential":
{
"otp":"123456",
//"cc":"121212" // if verifyResponse is required
}
}
{
"user":
{
"loginName":"loginName"
},
"credential":
{
"method":"SPASS",
"password":"pass"
}
}
Response:
{
"error":0
}
/auth/sendOTP
Examples:
Method:/auth/sendOTP
Parameters:
Example 1
{
"user":
{
"loginName": "user login name"
},
"token": // optional
{
"serial":"10000000"
},
"options": // optional
{
"format":"TEXT|HTML",
"channel":"SMS",
"expire":"2021-01-01T00:00:00"
}
}
Send OTP to user "acme\john.smith" via "SMS"
Example 2
{
"user":
{
"loginName": "acme\\john.smith"
},
"options":
{
"channel":"SMS"
}
}
Response:
{
"error":0
}
/auth/sendActivationCode
Examples:
Method:/auth/sendActivationCode
Parameters:
Example 1
{
"user":
{
"id":"userid"
},
"token":
{
"serial":"10000000"
},
"options":
{
"format":"TEXT|HTML",
"channel":"SMS",
"expire":"2021-01-01T00:00:00"
}
}
Example 2
{
"tokenAssignment":
{
"id":"token assignment id"
},
"options":
{
"format":"TEXT|HTML",
"channel":"SMS",
"expire":"2021-01-01T00:00:00"
}
}
Response:
{
"error":0
}
/auth/syncToken
Examples:
Method:/auth/syncToken
Parameters:
{
"user":
{
"id":"userid"
},
"token":
{
"serial":"10000000"
},
"credential":"otp1,otp2"
}
Response:
{
"error":0
}
/auth/downloadToken
Examples:
Method:/auth/downloadToken
Parameters:
{
"user":
{
"id":"userid"
},
"token":
{
"serial":"10000000"
},
"acHash": "SHA1 hash of activation code in base64 encoded"
}
Response:
{
"error":0
}
/auth/activateTokenAssignment
Examples:
Method:/auth/activateTokenAssignment
Parameters:
{
// "tokenAssignment":{"id":assid}
"user":
{
"id":"userid"
},
"token":
{
"serial":"10000000"
},
"acHash":"SHA1 hash of activation code in base64 encoded"
}
Response:
{
"error":0
}
/auth/getPolicy
Parameters:
{
"application":
{
"name":"appname"
},
"user":
{
"loginName":"login name",
"domain.id":"domainid"
},
"category":
{
"name":"logon"
},
"return":["name", "id","options"]
}
Response:
{
"error":0,
"result":
{
"id":"policy id 1",
"name":"System logon policy",
"options":
{
"key1":"value1",
"key2":"value2",
...
}
}
}
/auth/listSiteStamps
Parameters:
{
"user":
{
"id":"userid"
}
return:["*"]
}
Response:
{
"error":0,
"result":
{
"total":2,
"rows":
[
{"id":"id1", …},
{"id":"id2", …}
]
}
}
/auth/getChallengeCode
Parameters:
{
"user":
{
"loginName":"login name",
"domain.id":"domainid"
},
"token":
{
"id":"tid1"
},
return:["id", "code", "starts", "expires"]
}
Response:
{
"error":0,
"result":{"id":1, "code":"xxx", "starts":"xxx", "expires":"xxx"}
}
Examples:
The GridGo challenge code is the matrix in JSON string
{
"user":
{
"loginName":"login name",
"domain.id":"domainid"
},
"token":
{
"product.method":"GridGo"
},
"return":["id", "code", "reference"]
}
Response:
{
"error":0,
"result":
{
"id":"#i#_ChallengeCode_22",
"code":
"{\"grid\":[\"53c1s3npxgws4pw6jp5kx3\",
\"scmmu698wp9t1sag5spxzz\",
\"gmmzdj97x3jn4bpe9cvu1r\",
\"ps0hs5g2nh5xer6r93fj7x\",
\"mn8zbs5nnnm8rxt2r5ekd0\",
\"0jr935hx618a3vcvzdehn0\",
\"9xtr71jff7jaz255n5rtc4\",
\"dr96rxn7pgs3anmfzpeu7y\",
\"uf06ttmc3kfvhrun2remk9\",
\"z7c3ytf9u2xtfmc60p06ax\"],
\"rows\":10,
\"cols\":22,
\"indiecs\":\"ABCDEFGHJKMNPRSTUVWXY\"
}",
"reference":"10948e64-b829-47be-be2a-414217bee16f"
}
}
/auth/listTokens
Parameters:
{
"user":
{
"loginName":"login name",
"domain.id":"domainid"
},
"token":
{
"product.method":"GridCard"
},
"return":["id", "serial"]
}
Response:
{
"error":0,
"result":
{
"total":2,
"rows":
[
{"id":"tid1", "serial":"77003456"},
{"id":"tid2", "serial":"77003457"}
]
}
}
/auth/changePassword
Examples:
Method:/auth/changePassword
Parameters:
{
"user":
{
"loginName":"login name",
"domain.id":"domainid"
},
"oldPassword":"old",
"newPassword":"new"
}
Response:
{
"error":0
}
/auth/verifyPin
Examples:
Method:/auth/verifyPin
1. verify password
Parameters:
{
"user":
{
"loginName":"login name",
"domain.id":"domainid"
},
"pin":"password"
}
2. verify pin
Parameters:
{
"user":
{
"loginName":"login name",
"domain.id":"domainid"
},
"token":
{
"serial":"1213131"
}
"pin":"pin"
}
Response:
{
"error":0
}
3. verify pin by assignment
Parameters:
{
"user":
{
"loginName":"login name",
"domain.id":"domainid"
},
"tokenAssignment":
{
"id":"assignment id"
}
"pin":"pin"
}
Response:
{
"error":0
}
/auth/resetLogon
Reset the logon session, this API will reset everything in the logon session: user, logon step, access control etc.
Request:
{
}
Response:
{
"error":0
}