Activates new authentication factor

Circularo REST API example

Login user and activate ‘SMS’ authentication.

Step 1 - Sign in

Sign user in.

Endpoint

POST - /login

Example

/login

Content-Type: application/json

{
  "name": "mary.griffin@circularo.com",
  "password": "#32Password1!",
  "tenant": "default"
}

Response

Note following properties in response object:

  • token - In response object at position ‘token‘. It may have value of “x9RDNg8sBdJc4OmMaOWdnf2exAKzB6f8ieOSDVGvzbgj5qWkAv1ZlENARfUnuxm7“.

Step 2 - Create MFA token

Create locked token with ‘sms’ factor activated. This token is used to check if user is able to unlock it.

Endpoint

POST - /configuration/mfa/token

Example

/configuration/mfa/token?token=x9RDNg8sBdJc4OmMaOWdnf2exAKzB6f8ieOSDVGvzbgj5qWkAv1ZlENARfUnuxm7

Content-Type: application/json

{
  "activate": [
    "sms"
  ]
}

Response

Note following properties in response object:

  • mfaToken - In response object at position ‘token‘. It may have value of “aDqJvKNJdKEEppU8EvftETcf6zL4AkiCLivziTChMBLf0mugOqwqfKAEICOvCchk“.

The token is created and factor has been sent to phone.

Step 3 - Unlock token

The token will be unlocked using received code.

Endpoint

POST - /login/unlock

Example

/login/unlock?token=aDqJvKNJdKEEppU8EvftETcf6zL4AkiCLivziTChMBLf0mugOqwqfKAEICOvCchk

Content-Type: application/json

{
  "factors": [
    {
      "factor": "sms",
      "password": "374124"
    }
  ]
}

The token is unlocked now and user can perform actions.

Step 4 - Update MFA factor

Use unlocked token to activate new authentication factor.

Endpoint

PUT - /configuration/mfa/change

Example

/configuration/mfa/change?token=x9RDNg8sBdJc4OmMaOWdnf2exAKzB6f8ieOSDVGvzbgj5qWkAv1ZlENARfUnuxm7

Content-Type: application/json

{
  "activationToken": "aDqJvKNJdKEEppU8EvftETcf6zL4AkiCLivziTChMBLf0mugOqwqfKAEICOvCchk"
}

New authentication factor is now activated. Response contains information about all currently active factors.

Step 5 - Sign out (Optional)

Sign user out.

Endpoint

GET - /logout

Example

/logout?token=x9RDNg8sBdJc4OmMaOWdnf2exAKzB6f8ieOSDVGvzbgj5qWkAv1ZlENARfUnuxm7