...
So, for example, if you use Jira at my.shiny.server on port 2048 with the default context path /jira, then the URL of the /info endpoint is in Listing 2.
...
The next call goes to /user, which delivers information about the users status from the perspective of Secure Login.
The returned data indicates whether the user:
has to enter his or her pinPIN or
has to do the onboarding process or
is blocked (information about the reason for and duration of the block are provided)
If the user has to enter his or her pinPIN, then the next call will go to the endpoint /auth, which submits the pinPIN. On a correct pinPIN, Secure Login will validate the current HTTP session, and the user is authenticated.
Attention: If the app is installed on a phone that changes between different IP networks (for example if you connect to a different WiFi), then use the /info endpoint to check whether the user has to (re-)enter the pin PIN or is still authenticated.
What if the user enters a wrong PIN?
After having entered a wrong pinPIN, the user can retry to enter the pin PIN as long as he or she has not been blocked. How many retries the user has until being blocked depends on the settings the administrator made.
The administrator can specify
after how many incorrect pins PINs the user is blocked and
for how long the user is blocked.
...
Expand | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||||||||||||||||
Get information from Secure Login related to the current user. Request - Query ParametersThe username is taken from the current HTTP session, so no parameter to submit. Responses
The request was completed successfully.
The request was aborted, because the plugin is not active. Response fields
Examples
|
...
Expand | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||
Submit the PIN to authenticate the current HTTP session for the current user. Request - Query ParametersThe username is taken from the current HTTP session. The pin PIN is posted with a Content-Type of Responses
The request was completed successfully and the session is authenticated.
The authentication failed.
The request was aborted because the app is not active.
The user still has onboarding status and cannot be authenticated yet. Response fieldsNone ExamplesNone |
...