User authentication

Those endpoints allow to authenticate the User or Master based on passphrase.

These two endpoints are wide open and do not need any authorization data.

The authentication procedure requires a valid RTC to be set.

Phase 1 - challenge

Get a challenge

GET https://my.ence.do/api/auth/token

Get a challenge data to perform user authentication based on it.

{
  "exp": 1647871504,
  "spk": "0kRmCliUQvRwfxi7T1ek2GtbSERzMFRGLeyO1r1tEXo=",
  "jti": "1IU4Yont+/lZxh+HpgBwsc2sOWybfByFI+n8vAxWQzU=",
  "lbl": "My device",
  "eid": "ff6/rpgprw6OjcPbedIB5LbsxjZqmnf43J1zeK1x82I="
}

Response data for successful operation

Phase 2 - response

Post authentication data

POST https://my.ence.do/api/auth/token

Post authentication data signed based on user passphrase.

Headers

Request Body

{
  "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzY29wZSI6ImxvZ2dlcjpnZXQiLCJzdWIiOiJVIiwiaWF0IjoxNjQ3ODcxNDQ1LCJleHAiOjE2NDc5MDAyNDUsImp0aSI6IjFZVTRZcG5WeTVyWGF1d3hUMklYUlg5MWhUQ3hhVUV0R2RPQksyNXpBNDA9In0.wlFlgdpP4bPxNZoPAGaPqqyV1yuri2-Z53l7B8CfcXU"
}

Response data for successful operation

Log entries

PreviousInitializationNextExternal authenticator

Last updated