...
- 'type' – The type of request to be performed by the server. The following types are supported.
- 'username' – The username (or token for the user) that this action is to be performed on.
- 'spAccountLoginName' – Your SurePassId server account name
- 'spAccountLoginKey' – Your SurePassId server account key
You can get your SurePass account credentials (server account name and key) from the the portal. After logging in go to Settings and you will see the following page where the values are displayed.
The system supports the following request types:
types:
| type | description | operational area |
|---|---|---|
| add_u2f_account' | add user account with U2F device to your Surepass SurepassId installation | user management |
| add_oath_account | add user account with Oath device to your SurepassId installation | user management |
| add_u2f_device | add a u2f 2fa device to a user account | device management |
| add_oath_device | add an oath 2fa device to user account | device management |
| validate_u2f_user | query user meta data/authenticate the user name and password of the useruser | user validation/authentication |
| find_device | query device meta data by serial number | device management |
| validate_oath_user | query user meta data/authenticate user name and password | user validation/authentication |
| add_u2f_device | add an additional 2fa device to an account | device management |
| delete_key | delete a specific fido u2f security key from the users account | fido u2f key/origin management |
| delete_all_keys | delete all fido u2f security key from the users account | fido u2f key/origin management |
| validate_oath_otp | validate a dynamic pass code send to the user | validate Oath OTP |
| send_oath_otp | send a dynamic pass code send to the user | send Oath OTP |
| push_oath_otp | push authentication request to the user | push authentication |
| pre_enroll | perform the pre-enrollment process required to register a fido - pre-enroll u2f key for an origin | u2f register step 1 |
| enroll | register fido - enroll a u2f key for an origin | u2f register step 2 |
| pre_sign | perform the fido - pre-sign process to authenticate a u2f process u2f key for an origin | u2f authentication step 1 |
| 'sign ' | authenticate a u2f key for an origin | u2f authentication step 2 |
| 'create_session_token ' | create a session token for a particular user | mobile device state management |
| 'expire_session_token' | expire (make unusable) a session token for a particular user | mobile device state management |
| 'is_session_token_valid ' | check to see if a session token is still valid for a particular user | mobile device state management |
| 'active_oath_device' | activate an Oath device | device management |
| 'sync_oath_device' | synchronize clock for Oath HOTP/TOTP device | device management |
...
A sample REST request body is a json request and looks like this:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
{
"type": "send_oath_otp",
"username": "Manny",
"spAccountLoginName": "accountname",
"spAccountLoginKey": "accountkey",
"deliveryMethod": "sms"
} |
...
- type - Echo of the type that was made on the request
- errorCode – The numeric error code for the request. An errorCode of 0 signifies success.
- errorMessage – The displayable error message for the request.
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"type": "send_oath_otp",
"errorCode": 0,
"errorMessage": "OK"
} |
...