Skip to main content
POST
/
challenge
/
push
Start Push Challenge
curl --request POST \
  --url https://api.authsignal.com/v1/client/challenge/push \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "userAuthenticatorId": "<string>"
}
'
{
  "challengeId": "<string>"
}

Authorizations

Authorization
string
header
required

Use a short-lived token obtained from the Server API's Track Action endpoint. The token is valid for 10 minutes and should be passed in the Authorization header as 'Bearer {token}'.

Body

application/json
userAuthenticatorId
string

The ID of a specific enrolled push authenticator to target. When provided, the challenge is sent only to that authenticator and can only be approved from that device. When omitted, the challenge is sent to all of the user's eligible push authenticators.

Response

OK

challengeId
string
required

The ID of the challenge which has been initiated. Use this ID to lookup whether the challenge has been approved or rejected by the user on their mobile device (e.g. via polling).