# User authentication {% hint style="info" %} These two endpoints are wide open and do not need any authorization data. {% endhint %} {% hint style="danger" %} The authentication procedure requires a valid RTC to be set. {% endhint %} #### Phase 1 - challenge ## Get a challenge `GET` `https://my.ence.do/api/auth/token` Get a challenge data to perform user authentication based on it. #### Response status code {% tabs %} {% tab title="200: Operation successful" %} ```javascript { "exp": 1647871504, "spk": "0kRmCliUQvRwfxi7T1ek2GtbSERzMFRGLeyO1r1tEXo=", "jti": "1IU4Yont+/lZxh+HpgBwsc2sOWybfByFI+n8vAxWQzU=", "lbl": "My device", "eid": "ff6/rpgprw6OjcPbedIB5LbsxjZqmnf43J1zeK1x82I=" } ``` {% endtab %} {% tab title="403: Clock RTC not set" %} {% endtab %} {% tab title="409: Incorrect internal state" %} {% endtab %} {% endtabs %} #### Response data for successful operation
NameTypeDescription
expNumberExpire timestamp
eidStringEncedoID, public key of the instance.
jtiStringToken id
lblStringLabel, username
spkStringSession public key
#### Phase 2 - response ## Post authentication data `POST` `https://my.ence.do/api/auth/token` Post-authentication data is signed based on the user's passphrase. #### Headers | Name | Type | Description | | ---------------------------------------------- | ------ | ---------------- | | Content-Type\* | String | application/json | #### Request Body | Name | Type | Description | | ---------------------------------------- | ------ | ------------------------------------------------- | | `auth`\* | String | Authentication data to be validated by the device | #### Response status code {% tabs %} {% tab title="200: Operation successful" %} ```javascript { "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzY29wZSI6ImxvZ2dlcjpnZXQiLCJzdWIiOiJVIiwiaWF0IjoxNjQ3ODcxNDQ1LCJleHAiOjE2NDc5MDAyNDUsImp0aSI6IjFZVTRZcG5WeTVyWGF1d3hUMklYUlg5MWhUQ3hhVUV0R2RPQksyNXpBNDA9In0.wlFlgdpP4bPxNZoPAGaPqqyV1yuri2-Z53l7B8CfcXU" } ``` {% endtab %} {% tab title="400: Incorrect argument(s)" %} {% endtab %} {% tab title="401: User not authenticated" %} {% endtab %} {% tab title="403: Clock RTC not set" %} {% endtab %} {% tab title="409: Incorrect internal state" %} {% endtab %} {% endtabs %} #### Response data for successful operation
NameTypeDescription
tokenStringJWT access token (refered as JWT_TOKEN)
#### Log entries
EventResultSource
LOG_TYPE_AUTH_SUCCESS_INTERNALLOG_RESULT_OK200
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.encedo.com/hem-api/reference/api-reference/authorization/user-authentication.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.