User authentication

These endpoints authenticate the User or Master based on a passphrase.

These two endpoints are wide open and do not need any authorization data.

The authentication procedure requires a valid RTC to be set.

Phase 1 - challenge

Get a challenge

GET https://my.ence.do/api/auth/token

Get challenge data on which the user authentication is based.

{
  "exp": 1647871504,
  "spk": "0kRmCliUQvRwfxi7T1ek2GtbSERzMFRGLeyO1r1tEXo=",
  "jti": "1IU4Yont+/lZxh+HpgBwsc2sOWybfByFI+n8vAxWQzU=",
  "lbl": "My device",
  "eid": "ff6/rpgprw6OjcPbedIB5LbsxjZqmnf43J1zeK1x82I="
}

Response data for successful operation

| Name | Type | Description |
| --- | --- | --- |
| exp | Number | Expiration timestamp |
| eid | String | EncedoID, public key of the instance. |
| jti | String | Token id |
| lbl | String | Label, username |
| spk | String | Session public key |

Phase 2 - response

Post authentication data

POST https://my.ence.do/api/auth/token

Post authentication data that is signed based on the user passphrase.

Headers

| Name | Type | Description |
| --- | --- | --- |
| Content-Type* | String | application/json |

Request Body

| Name | Type | Description |
| --- | --- | --- |
| auth* | String | Authentication data to be validated by the device |

{
  "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzY29wZSI6ImxvZ2dlcjpnZXQiLCJzdWIiOiJVIiwiaWF0IjoxNjQ3ODcxNDQ1LCJleHAiOjE2NDc5MDAyNDUsImp0aSI6IjFZVTRZcG5WeTVyWGF1d3hUMklYUlg5MWhUQ3hhVUV0R2RPQksyNXpBNDA9In0.wlFlgdpP4bPxNZoPAGaPqqyV1yuri2-Z53l7B8CfcXU"
}

Response data for successful operation

| Name | Type | Description |
| --- | --- | --- |
| token | String | JWT access token (referred to as JWT_TOKEN) |
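An added example, not part of the Encedo documentation: a client-side sanity check of the Phase 1 challenge and an inspection of the Phase 2 token, run on the sample values shown on this page. The helper names, the comparison of `exp` against the caller's clock, and decoding the JWT without verifying its signature are assumptions of this example.

```python
import base64
import json
import time

# Sample values copied from the Phase 1 and Phase 2 responses on this page.
CHALLENGE = {
    "exp": 1647871504,
    "spk": "0kRmCliUQvRwfxi7T1ek2GtbSERzMFRGLeyO1r1tEXo=",
    "jti": "1IU4Yont+/lZxh+HpgBwsc2sOWybfByFI+n8vAxWQzU=",
    "lbl": "My device",
    "eid": "ff6/rpgprw6OjcPbedIB5LbsxjZqmnf43J1zeK1x82I=",
}
TOKEN = (
    "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9."
    "eyJzY29wZSI6ImxvZ2dlcjpnZXQiLCJzdWIiOiJVIiwiaWF0IjoxNjQ3ODcxNDQ1LCJleHAiOjE2NDc5MDAyNDUsImp0aSI6IjFZVTRZcG5WeTVyWGF1d3hUMklYUlg5MWhUQ3hhVUV0R2RPQksyNXpBNDA9In0."
    "wlFlgdpP4bPxNZoPAGaPqqyV1yuri2-Z53l7B8CfcXU"
)

def check_challenge(ch, now=None):
    """Decode spk/jti/eid, or raise ValueError if the challenge is unusable.

    Assumption: the caller's clock is close to the device RTC that set exp.
    """
    now = time.time() if now is None else now
    exp = ch.get("exp")
    if not isinstance(exp, int) or exp <= now:
        raise ValueError("challenge expired or exp missing")
    decoded = {}
    for name in ("spk", "jti", "eid"):
        try:
            decoded[name] = base64.b64decode(ch[name], validate=True)
        except (KeyError, TypeError, ValueError) as err:
            raise ValueError(f"field {name!r} missing or not base64") from err
    return decoded

def jwt_claims(token):
    """Return (header, payload) WITHOUT verifying the signature: inspection only."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact three-part JWT")
    def segment(s):
        # JWT segments are unpadded base64url; restore padding before decoding.
        return json.loads(base64.urlsafe_b64decode(s + "=" * (-len(s) % 4)))
    return segment(parts[0]), segment(parts[1])

if __name__ == "__main__":
    # A fixed "now" is used so the sample challenge from the page is still valid.
    fields = check_challenge(CHALLENGE, now=1647871445)
    print({k: len(v) for k, v in fields.items()})
    header, claims = jwt_claims(TOKEN)
    print(header["alg"], claims["scope"], claims["sub"], claims["exp"] - claims["iat"])
```

In the sample token the difference between `exp` and `iat` is 28800 seconds, so a client can schedule re-authentication from the decoded claims instead of waiting for a rejected request.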

Log entries

| Event | Result | Source |
| --- | --- | --- |
| LOG_TYPE_AUTH_SUCCESS_INTERNAL | LOG_RESULT_OK | 200 |
