/auth/listApplications

Parameters:

{
	"return":["id","name"]
}

Response:

{
	"error":0,
	"result":
	{
		"total":2,
		"rows":
		[
			{
				"id":"aid1",
				"name":"application 1"
			},
			{
				"id":"aid2",
				"name":"application 2"
			}
		]
	}
}

/auth/listDomains

Parameters:

{
	"application":
	{
		"id":"appid"
	},
	"return":["id","name"]
}

Response:

{
	"error":0,
	"result":
	{
		"total":2,
		"rows":
		[
			{
				"id":"domain id 1",
				"name":"domain 1"
			},
			{
				"id":"domain id 2",
				"name":"domain 2"
			}
		]
	}
}

/auth/listAuthenticators

List authenticators in the specified logon step.

Parameters:

{
	"step": 1// step is 1-based
	"application":
	{
		"id":"appid"
	},
	"user":
	{
		"domain.id":"domainid",
		"loginName":"login name"
	}
}

Response:

{
	"error":0,
	"result":
	{
		"total":2,
		"rows":
		[
			{"code":"OTP", "name":"One-Time Password"},
			{"code":"OTPoD", "name":"On-Demand Password"}
		]
	}
}

/auth/getLogonSteps

Parameters:

{
	"application":
	{
		"id": "appid"
	},
	"user":
	{
		"loginName": "user login name"
	},
	"return":["name","challengResponse","authenticators"]
}

Response:

{
	"error":0,
	"result":
	{
		"total":2,
		"rows":
		[
			{
				"name": "step 1",
				"challengResponse": false,
				"authenticators":
				[
					{"code":"OTP", "name":"One-Time Password"}
				]
			},
			{
				"name": "step 2",
				"challengResponse": false,
				"authenticators":
				[
					{"code":"SPASS", "name":"Static Password"}
				]
			}
		]
	}
}

/auth/listTokenAssignments

Examples:

The following example will list all OOBA tokens:


Method: /auth/listTokenAssignments
Parameters:

{
	"application":
	{
		"id":"appid"
	},
	"user":
	{
		"id":"userid"
	},
	"token":
	{
		"product.functions":"OOBA"
	},
	"return":
	[
		"id", "status",
		{"token":["id","serial","oobDeviceModel","oobDeviceType"]}
	]
}


Response:

{
	"error":0,
	"result":
	{
		"total":1,
		"rows":
		[
			"id":"dda5f3744f7d7750676acc24f31fe1287085872ff856224655bf55ec501fa2ba","status":"ACTIVE",
			"token":
			{
				"id":"bc650db324ef8e2873444e9e1001ac07",
				"serial":"110000035",
				"oobDeviceModel":"Xiaomi M2007J20CG",
				"oobDeviceType":"Android"
			}
		]
	}
}

/auth/logon

Examples 1: OTP login
Method:/auth/logon
Parameters:

{
	"application":
	{
		"id":"appid"
	},
	"user":
	{
		"id":"userid"
	},
	"token":
	{
		"serial":"10000000"
	},
	"credential":
	{
		"otp":"123456",
		//"cc":"121212" // if verifyResponse is required
	}
}

Examples 2: OOBA login
Method: /auth/logon
Parameters:

{
	"application":
	{
		"id":"appid"
	},
	"user":
	{
		"id":"userid"
	},
	"token":
	{
		"serial":"110000035"
	},
	"credential":
	{
		"method":"OOBA",
		"tokenId":"bc650db324ef8e2873444e9e1001ac07",
	}
}


Response:

{
	"error":0
}

/auth/logout

Examples:
Method:/auth/logout
Parameters:

{
}


Response:

{
	"error":0
}



/auth/verify

Examples:
Method:/auth/verify
Parameters:

{
	"user":
	{
		"id":"userid"
	},
	"token": // optional
	{
		"serial":"10000000"
	},
	"credential":
	{
		"otp":"123456",
		//"cc":"121212" // if verifyResponse is required
	}
}


{
    "user":
    {
        "loginName":"loginName"
    },
    "credential":
    {
        "method":"SPASS",
        "password":"pass"
    }
}


Response:

{
	"error":0
}

/auth/sendOTP

Examples:
Method:/auth/sendOTP
Parameters:

{
	"user":
	{
		"loginName": "user login name"
	},
	"token": // optional
	{
		"serial":"10000000"
	},
	"options": // optional
	{
		"format":"TEXT|HTML",
		"channel":"SMS",
		"expire":"2021-01-01T00:00:00"
	}
}

Send OTP to user "acme\john.smith" via "SMS"

{
	"user":
	{
		"loginName": "acme\\john.smith"
	},
	"options":
	{
		"channel":"SMS"
	}
}


Response:

{
	"error":0
}

/auth/sendActivationCode

Examples:
Method:/auth/sendActivationCode
Parameters:

{
	"user":
	{
		"id":"userid"
	},
	"token":
	{
		"serial":"10000000"
	},
	"options":
	{
		"format":"TEXT|HTML",
		"channel":"SMS",
		"expire":"2021-01-01T00:00:00"
	}
}


{
	"tokenAssignment":
	{
		"id":"token assignment id"
	},
	"options":
	{
		"format":"TEXT|HTML",
		"channel":"SMS",
		"expire":"2021-01-01T00:00:00"
	}
}



Response:

{
	"error":0
}

/auth/syncToken

Examples:
Method:/auth/syncToken
Parameters:

{
	"user":
	{
		"id":"userid"
	},
	"token":
	{
		"serial":"10000000"
	},
	"credential":"otp1,otp2"
}


Response:

{
	"error":0
}

/auth/downloadToken

Examples:
Method:/auth/downloadToken
Parameters:

{
	"user":
	{
		"id":"userid"
	},
	"token":
	{
		"serial":"10000000"
	},
	"acHash": "SHA1 hash of activation code in base64 encoded"
}


Response:

{
	"error":0
}

/auth/activateTokenAssignment

Examples:
Method:/auth/activateTokenAssignment
Parameters:

{
	// "tokenAssignment":{"id":assid}
	"user":
	{
		"id":"userid"
	},
	"token":
	{
		"serial":"10000000"
	},
	"acHash":"SHA1 hash of activation code in base64 encoded"
}


Response:

{
	"error":0
}

/auth/getPolicy

Parameters:

{
	"application":
	{
		"name":"appname"
	},
	"user":
	{
		"loginName":"login name",
		"domain.id":"domainid"
	},
	"category":
	{
		"name":"logon"
	},
	"return":["name", "id","options"]
}

Response:

{
	"error":0,
	"result":
	{
		"id":"policy id 1",
		"name":"System logon policy",
		"options":
		{
			"key1":"value1",
			"key2":"value2",
			...
		}
	}
}


/auth/listSiteStamps

Parameters:

{
	"user":
	{
		"id":"userid"
	}
	return:["*"]
}

Response:

{
	"error":0,
	"result":
	{
		"total":2,
		"rows":
		[
			{"id":"id1", …},
			{"id":"id2", …}
		]
	}
}



/auth/getChallengeCode

Parameters:

{
	"user":
	{
		"loginName":"login name",
		"domain.id":"domainid"
	},
	"token":
	{
		"id":"tid1"
	},
	return:["id", "code", "starts", "expires"]
}

Response:

{
	"error":0,
	"result":{"id":1, "code":"xxx", "starts":"xxx", "expires":"xxx"}
}

Examples:
The GridGo challenge code is the matrix in JSON string

{
	"user":
	{
		"loginName":"login name",
		"domain.id":"domainid"
	},
	"token":
	{
		"product.method":"GridGo"
	},
	"return":["id", "code", "reference"]
}

Response:

{
	"error":0,
	"result":
	{
		"id":"#i#_ChallengeCode_22",
		"code":
			"{\"grid\":[\"53c1s3npxgws4pw6jp5kx3\",
			\"scmmu698wp9t1sag5spxzz\",
			\"gmmzdj97x3jn4bpe9cvu1r\",
			\"ps0hs5g2nh5xer6r93fj7x\",
			\"mn8zbs5nnnm8rxt2r5ekd0\",
			\"0jr935hx618a3vcvzdehn0\",
			\"9xtr71jff7jaz255n5rtc4\",
			\"dr96rxn7pgs3anmfzpeu7y\",
			\"uf06ttmc3kfvhrun2remk9\",
			\"z7c3ytf9u2xtfmc60p06ax\"],
			\"rows\":10,
			\"cols\":22,
			\"indiecs\":\"ABCDEFGHJKMNPRSTUVWXY\"
			}",
		"reference":"10948e64-b829-47be-be2a-414217bee16f"
	}
}

/auth/listTokens

Parameters:

{
	"user":
	{
		"loginName":"login name",
		"domain.id":"domainid"
	},
	"token":
	{
		"product.method":"GridCard"
	},
	"return":["id", "serial"]
}

Response:

{
	"error":0,
	"result":
	{
		"total":2,
		"rows":
		[
			{"id":"tid1", "serial":"77003456"},
			{"id":"tid2", "serial":"77003457"}
		]
	}
}

/auth/changePassword

Examples:
Method:/auth/changePassword
Parameters:

{
	"user":
	{
		"loginName":"login name",
		"domain.id":"domainid"
	},
	"oldPassword":"old",
	"newPassword":"new"
}


Response:

{
	"error":0
}

/auth/verifyPin

Examples:
Method:/auth/verifyPin

1. verify password

Parameters:

{
	"user":
	{
		"loginName":"login name",
		"domain.id":"domainid"
	},
	"pin":"password"
}

2. verify pin

Parameters:

{
	"user":
	{
		"loginName":"login name",
		"domain.id":"domainid"
	},
	"token":
	{
		"serial":"1213131"
	}
	"pin":"pin"
}

Response:

{
	"error":0
}

3. verify pin by assignment

Parameters:

{
	"user":
	{
		"loginName":"login name",
		"domain.id":"domainid"
	},
	"tokenAssignment":
	{
		"id":"assignment id"
	}
	"pin":"pin"
}


Response:

{
	"error":0
}