Authenticator app (TOTP)
Start authenticator app enrollment
POST https://api.authsignal.com/v1/client/user-authenticators/totp
Use this endpoint to enroll a new TOTP authenticator for a user.
Response
userAuthenticatorId string
The ID of the TOTP authenticator which has been created but not yet verified.
uri string
A URI which can be converted into a QR code and scanned by an authenticator app.
secret string
A secret which can be manually entered into an authenticator app. Typically presented as a backup option if the user is unable to scan the QR code.
Verify authenticator app challenge
POST https://api.authsignal.com/v1/client/verify/totp
Use this endpoint to verify a challenge when enrolling a new TOTP authenticator or when re-authenticating with an existing TOTP authenticator.
Request
userAuthenticatorId string
The ID of the user's TOTP authenticator which is being used for the verification.
verificationCode string
The TOTP code inputted by the user.
Response
isVerified boolean
True if the inputted TOTP code is correct.
accessToken string | undefined
A new short-term token with scopes to manage authenticators (e.g. add secondary authenticators, remove authenticators, view or regenerate recovery codes). Only present if the challenge succeeded.
failureReason string | undefined
One of the following values: CODE_INVALID_OR_EXPIRED, MAX_ATTEMPTS_EXCEEDED.