Unlock protected token

Circularo REST API example

Login user protected by SMS code and then unlock its token.

Step 1 - Sign in user with SMS protection

Sign in authentication factor protected user. This user has SMS factor activated.

Endpoint

POST - /login

Example

/login

Content-Type: application/json

{
  "name": "billy.spring@circularo.com",
  "password": "!!B1IIy#:)",
  "tenant": "default"
}

Response

Note following properties in response object:

  • token - In response object at position ‘token‘. It may have value of “PBfhwW8Qdj1H5XUAqVnwjqlkevlIpmis7YSN5FtxJy6U3tPrESmwJsVW9I7kzvRW“.

The user is signed now, but he can’t perform any action until the token is unlocked. SMS with unlocking code has been sent.

Step 2 - Unlock token

The token will be unlocked using received code.

Endpoint

POST - /login/unlock

Example

/login/unlock?token=PBfhwW8Qdj1H5XUAqVnwjqlkevlIpmis7YSN5FtxJy6U3tPrESmwJsVW9I7kzvRW

Content-Type: application/json

{
  "factors": [
    {
      "factor": "sms",
      "password": "510429"
    }
  ]
}

The token is unlocked now and user can perform actions.