Authentication
Those endpoints allow to authenticate based by External Authenticator.
Phase 1 - challenge
Get a challenge
POST
https://my.ence.do/api/auth/ext/request
Get an authentication request data to challenge the external authenticator.
Headers
Name
Type
Description
Content-Type*
String
application/json
Request Body
Name
Type
Description
epk*
String
Broker ephemeral public key
scope*
String
Requested access scope
exp*
Number
Requested lifetime of the token
{
"authreq": "eyJlY2RoIjoieDI1NTE5IiwidHlwIjoiSldUIiwiYWxnIjoiSFMyNTYifQ.eyJpc3MiOiJmZjYvcnBncHJ3Nk9qY1BiZWRJQjVMYnN4alpxbW5mNDNKMXplSzF4ODJJPSIsImF1ZCI6Ik56bzNtUlpmN3YwRGhpN2dobkdPY3R0Qk42SFJqVGRhUG4vc1hhc3k3alU9IiwiaWF0IjoxNjQ3ODcxMTE3LCJleHAiOjE2NDc4NzQ3MTcsImp0aSI6ImpZUTRZdU0vUWJydEdvRElRdUNTUW1zdjdNek9sNytKM3ExRjdYM25CN2s9Iiwic2NvcGUiOnsiTC9EenNjUXJ0dGo4S0Y4QTE1WjFVbkJwaXdjTUdudXZTRy94cUlwOXI0UT0iOiJBL3loTmp2ZldFOGdOMU5FSElSR1hEVFFpeVdENlY4YzRyL0o3dCtDOE1nWUxpT3Y2SEpXUWplbmJueFU3aGZkRCJ9fQ.yiE_kG3FA4h-2MXO3r00WyS1ScbHijR6VBdNxKz1uTI",
"epk": "Nzo3mRZf7v0Dhi7ghnGOcttBN6HRjTdaPn/sXasy7jU="
}
Response data for successful operation
Name
Type
Description
authreq
String
Authentication request
epk
String
Broker ephemeral public key
Phase 2 - response
Post authentication data
POST
https://my.ence.do/api/auth/ext/token
Post authentication data signed by an external authenticator.
Headers
Name
Type
Description
Content-Type*
String
application/json
Request Body
Name
Type
Description
authreply*
String
Authentication data to be validated by the device
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzY29wZSI6ImtleW1nbXQ6bGlzdCIsInN1YiI6IlFxL0VHZHZhY21Ock42SkZXVlhnbFE9PSIsImlhdCI6MTY0Nzg3MTEyMiwiZXhwIjoxNjQ3ODcyMDIwLCJqdGkiOiJrb1E0WXNDZjNMNGlUcmwycHk2Zzd0M2p2Vjlwd3dzSXI2Ly9GOTZPZllJPSJ9.u7lVd5B6CZxmM3Sch9HVBa5-MRadhDlNnCaCTeBq2DY"
}
Response data for successful operation
Name
Type
Description
token
String
JWT access token (refered as JWT_TOKEN)
Log entries
Event
Result
Source
LOG_TYPE_AUTH_SUCCESS_EXTERNAL
LOG_RESULT_OK
200
Last updated