
...

So, for example, if you use Jira at my.shiny.server on port 2048 with the default context path /jira, then the URL of the /info endpoint is in Listing 2.

...

The next call goes to /user, which delivers information about the user's status from the perspective of Secure Login.
The returned data indicates whether the user:

  • has to enter his or her PIN or

  • has to do the onboarding process or

  • is blocked (information about the reason for and duration of the block are provided)

If the user has to enter his or her PIN, then the next call will go to the endpoint /auth, which submits the PIN. On a correct PIN, Secure Login will validate the current HTTP session, and the user is authenticated.

Attention: If the app is installed on a phone that changes between different IP networks (for example if you connect to a different WiFi), then use the /info endpoint to check whether the user has to (re-)enter the PIN or is still authenticated.

What if the user enters a wrong PIN?
After entering a wrong PIN, the user can retry as long as he or she has not been blocked. The number of retries before the user is blocked depends on the settings the administrator made.

The administrator can specify

  • after how many incorrect PINs the user is blocked and

  • for how long the user is blocked.

...

Get information from current user: GET /rest/securelogin-admin/1.0/api/user

Get information from Secure Login related to the current user.

Request - Query Parameters

The username is taken from the current HTTP session, so there is no parameter to submit.

Responses

Status 200 - application/json
The request was completed successfully.

Status 406 - application/json
The request was aborted because the plugin is not active.

Response fields

Field: state
Type: string
Description: can take one of these values:

  • enter - the user has to enter the PIN
  • bypass - no action is needed
  • onboarding - the user has not completed the onboarding process yet. The onboarding process must be completed in a desktop browser.
  • blocked - currently, the user cannot proceed because the account is blocked.

Field: blocked
Type: structure
Description: only available if state == blocked; contains details.

Structure fields:

  • reason - Indicates why the account is blocked. Its only value is brute_force – too many PIN failures.
  • until - Indicates until when the account is blocked. The timestamp is in ISO-8601 format in the GMT time zone.

Examples

{
    "state": "enter"
}

{
    "state": "blocked",
    "blocked": {
        "reason": "brute_force",
        "until": "2022-09-25T14:08:48Z"
    }
}

...

Authenticate the current user: POST /rest/securelogin-admin/1.0/api/auth

Submit the PIN to authenticate the current HTTP session for the current user.

Request - Query Parameters

The username is taken from the current HTTP session. The PIN is posted with a Content-Type of text/plain as a sequence of numbers without any prefix or suffix and without any spacing, for example 910817.

Responses

Status 200 - no response body
The request was completed successfully and the session is authenticated.

Status 401 - no response body
The authentication failed.

Status 406 - no response body
The request was aborted because the app is not active.

Status 410 - no response body
The user still has onboarding status and cannot be authenticated yet.

Response fields

None

Examples

None
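
The following client-side sketch is an added example, not code from the Secure Login project. It interprets a /user response (including the blocked.until timestamp), validates the PIN locally, and maps the /auth status codes listed above to outcomes. The function and constant names (next_step, build_auth_request, submit_pin, AUTH_RESULTS) are hypothetical.

```python
import json
import urllib.error
import urllib.request
from datetime import datetime, timezone

# Helper names below are hypothetical; only the path, states and status
# codes come from this page.
API = "/rest/securelogin-admin/1.0/api"
AUTH_RESULTS = {200: "authenticated", 401: "wrong_pin",
                406: "app_inactive", 410: "onboarding_pending"}


def next_step(user_body, now=None):
    """Map a /user response body (JSON text) to (step, seconds_blocked)."""
    data = json.loads(user_body)
    state = data.get("state")
    if state == "blocked":
        # "until" is ISO-8601 in GMT, e.g. 2022-09-25T14:08:48Z
        until = datetime.strptime(data["blocked"]["until"],
                                  "%Y-%m-%dT%H:%M:%SZ")
        until = until.replace(tzinfo=timezone.utc)
        now = now or datetime.now(timezone.utc)
        return "blocked", max(0, int((until - now).total_seconds()))
    if state in ("enter", "bypass", "onboarding"):
        return state, 0
    # Fail closed: an unknown state is never treated as "bypass".
    raise ValueError(f"unexpected state: {state!r}")


def build_auth_request(base_url, pin):
    """Build the POST /auth request: digits only, sent as text/plain."""
    if not (pin.isascii() and pin.isdigit()):
        raise ValueError("PIN must be a sequence of digits only")
    return urllib.request.Request(
        base_url.rstrip("/") + API + "/auth",
        data=pin.encode("ascii"), method="POST",
        headers={"Content-Type": "text/plain"})


def submit_pin(base_url, pin, opener=urllib.request.urlopen):
    """POST the PIN; the opener is assumed to carry the session cookie."""
    try:
        with opener(build_auth_request(base_url, pin)) as resp:
            status = resp.status
    except urllib.error.HTTPError as err:
        status = err.code
    return AUTH_RESULTS.get(status, "unexpected_status")
```

Because the username comes from the HTTP session, pass an opener that keeps the session cookie (for example one built with urllib.request.HTTPCookieProcessor) instead of the default urlopen.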

...