User authentication

Those endpoints allow to authenticate the User or Master based on passphrase.

These two endpoints are wide open and do not need any authorization data.

The authentication procedure requires a valid RTC to be set.

Phase 1 - challenge

Get a challenge

GET https://my.ence.do/api/auth/token

Get a challenge data to perform user authentication based on it.

{
  "exp": 1647871504,
  "spk": "0kRmCliUQvRwfxi7T1ek2GtbSERzMFRGLeyO1r1tEXo=",
  "jti": "1IU4Yont+/lZxh+HpgBwsc2sOWybfByFI+n8vAxWQzU=",
  "lbl": "My device",
  "eid": "ff6/rpgprw6OjcPbedIB5LbsxjZqmnf43J1zeK1x82I="
}

Response data for successful operation

NameTypeDescription

exp

Number

Expire timestamp

eid

String

EncedoID, public key of the instance.

jti

String

Token id

lbl

String

Label, username

spk

String

Session public key

Phase 2 - response

Post authentication data

POST https://my.ence.do/api/auth/token

Post authentication data signed based on user passphrase.

Headers

NameTypeDescription

Content-Type*

String

application/json

Request Body

NameTypeDescription

auth*

String

Authentication data to be validated by the device

{
  "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzY29wZSI6ImxvZ2dlcjpnZXQiLCJzdWIiOiJVIiwiaWF0IjoxNjQ3ODcxNDQ1LCJleHAiOjE2NDc5MDAyNDUsImp0aSI6IjFZVTRZcG5WeTVyWGF1d3hUMklYUlg5MWhUQ3hhVUV0R2RPQksyNXpBNDA9In0.wlFlgdpP4bPxNZoPAGaPqqyV1yuri2-Z53l7B8CfcXU"
}

Response data for successful operation

NameTypeDescription

token

String

JWT access token (refered as JWT_TOKEN)

Log entries

EventResultSource

LOG_TYPE_AUTH_SUCCESS_INTERNAL

LOG_RESULT_OK

200

PreviousInitializationNextExternal authenticator

Last updated