-
Notifications
You must be signed in to change notification settings - Fork 45
Token Api
The token api allows clients to trigger 2FA token providers in order to send the user a 2FA token.
| Action | Url | Method | Session required | Description |
|---|---|---|---|---|
| request | /api/1.0/token/{provider}/request |
GET | no | Requests a token with the provider |
The request action is required for some token in order to send the user the token. For example the email token will send an email to the users mail account. It is recommended to only call this action if the user has chosen that token, not just trigger it for all available tokens.
| Argument | Type | Description |
|---|---|---|
| provider | string | The id of the token |
The success status code is 200 Ok.
| Argument | Type | Description |
|---|---|---|
| success | boolean | Whether or not the action was successful |
| data | object | For the "Nextcloud Notification" token, this object will contain the property token with the token value. |
The session request action will return an array of possible tokens. Each token object looks like this:
{
"type":"user-token",
"id":"tokenid",
"label":"Human readable label",
"description":"A short description of the token process",
"request":true
}| Argument | Type | Description |
|---|---|---|
| type | string | The token type is either user-token or request-token
|
| id | object | This id must be used in the token request and the session open action. |
| label | string | The label of the token |
| description | string | A description of the token adn the authentication process |
| request | boolean | Whether or not the authentication process must be triggered with the request action |
Tokens with the type user-token require that the user enters a code which is then sent to the server.
It might be required that the request action is executed in order to provide the user with that code.
Currently only the "Nextcloud Notification" is a request-token.
This token does not require a user input.
Instead the user will confirm the token trough a second app or device.
The request action will provide the token that needs to be sent to the server.