Unlock protected token
Circularo REST API example
Login user protected by SMS code and then unlock its token.
Step 1 - Sign in user with SMS protection
Sign in authentication factor protected user. This user has SMS factor activated.
Endpoint
POST - /login
Example
/login
Content-Type: application/json
{
"name": "billy.spring@circularo.com",
"password": "!!B1IIy#:)",
"tenant": "default"
}
Response
Note following properties in response object:
- token - In response object at position ‘token‘. It may have value of “PBfhwW8Qdj1H5XUAqVnwjqlkevlIpmis7YSN5FtxJy6U3tPrESmwJsVW9I7kzvRW“.
The user is signed now, but he can’t perform any action until the token is unlocked. SMS with unlocking code has been sent.
Step 2 - Unlock token
The token will be unlocked using received code.
Endpoint
POST - /login/unlock
Example
/login/unlock?token=PBfhwW8Qdj1H5XUAqVnwjqlkevlIpmis7YSN5FtxJy6U3tPrESmwJsVW9I7kzvRW
Content-Type: application/json
{
"factors": [
{
"factor": "sms",
"password": "510429"
}
]
}
The token is unlocked now and user can perform actions.