Authentication

Those endpoints allow to authenticate based by External Authenticator.

These two endpoints are wide open and do not need any authorization data.

Phase 1 - challenge

Get a challenge

POST https://my.ence.do/api/auth/ext/request

Get an authentication request data to challenge the external authenticator.

Headers

Name
Type
Description

Content-Type*

String

application/json

Request Body

Name
Type
Description

epk*

String

Broker ephemeral public key

scope*

String

Requested access scope

exp*

Number

Requested lifetime of the token

{
  "authreq": "eyJlY2RoIjoieDI1NTE5IiwidHlwIjoiSldUIiwiYWxnIjoiSFMyNTYifQ.eyJpc3MiOiJmZjYvcnBncHJ3Nk9qY1BiZWRJQjVMYnN4alpxbW5mNDNKMXplSzF4ODJJPSIsImF1ZCI6Ik56bzNtUlpmN3YwRGhpN2dobkdPY3R0Qk42SFJqVGRhUG4vc1hhc3k3alU9IiwiaWF0IjoxNjQ3ODcxMTE3LCJleHAiOjE2NDc4NzQ3MTcsImp0aSI6ImpZUTRZdU0vUWJydEdvRElRdUNTUW1zdjdNek9sNytKM3ExRjdYM25CN2s9Iiwic2NvcGUiOnsiTC9EenNjUXJ0dGo4S0Y4QTE1WjFVbkJwaXdjTUdudXZTRy94cUlwOXI0UT0iOiJBL3loTmp2ZldFOGdOMU5FSElSR1hEVFFpeVdENlY4YzRyL0o3dCtDOE1nWUxpT3Y2SEpXUWplbmJueFU3aGZkRCJ9fQ.yiE_kG3FA4h-2MXO3r00WyS1ScbHijR6VBdNxKz1uTI",
  "epk": "Nzo3mRZf7v0Dhi7ghnGOcttBN6HRjTdaPn/sXasy7jU="
}

Response data for successful operation

Name
Type
Description

authreq

String

Authentication request

epk

String

Broker ephemeral public key

Phase 2 - response

Post authentication data

POST https://my.ence.do/api/auth/ext/token

Post authentication data signed by an external authenticator.

Headers

Name
Type
Description

Content-Type*

String

application/json

Request Body

Name
Type
Description

authreply*

String

Authentication data to be validated by the device

{
  "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzY29wZSI6ImtleW1nbXQ6bGlzdCIsInN1YiI6IlFxL0VHZHZhY21Ock42SkZXVlhnbFE9PSIsImlhdCI6MTY0Nzg3MTEyMiwiZXhwIjoxNjQ3ODcyMDIwLCJqdGkiOiJrb1E0WXNDZjNMNGlUcmwycHk2Zzd0M2p2Vjlwd3dzSXI2Ly9GOTZPZllJPSJ9.u7lVd5B6CZxmM3Sch9HVBa5-MRadhDlNnCaCTeBq2DY"
}

Response data for successful operation

Name
Type
Description

token

String

JWT access token (refered as JWT_TOKEN)

Log entries

Event
Result
Source

LOG_TYPE_AUTH_SUCCESS_EXTERNAL

LOG_RESULT_OK

200

PreviousRegistrationNextKey Management

Last updated