
How Is Token Login Better Than Cookies and Sessions? Login Security

Use this API to generate a session login token in scenarios in which MFA may or may not be required. Both scenarios are supported. A session login token expires two minutes after creation.

When MFA is required, this API works in close conjunction with the Verify Factor API call.


For detailed usage flows and examples that illustrate how to use this API to log a user in, see Logging a User in Via API.

Delegated Authentication

You can also use this API to delegate authentication of a user to hoanhtao3d.vn without starting a hoanhtao3d.vn session. In delegated authentication, you treat the token returned in the 200 OK – Success message as a confirmation that the user has been authenticated, but you do not use the session token itself.

Likewise, you can use the 401 – Unauthorized status code to indicate that a user could not be authenticated.

You can perform delegated authentication with or without MFA. When MFA is required, the Create Session Login Token API works in close conjunction with the Verify Factor API call. When you want to simply authenticate a user in hoanhtao3d.vn and MFA is required, you can just treat the token returned by the Verify Factor API in the 200 OK – Success message as a confirmation that the user has been authenticated.

Resource URL

https:///api/1/login/auth

Header Parameters

Authorization

required

string

Set to bearer:.

Set to the access token you generated using the Generate Token API.

The access token must have been generated using an API credential pair created using the scope required to call this API. This API can be called using the Authentication Only, Manage Users or Manage All scope.

Content-Type

required

string

Set to application/json.

Custom-Allowed-Origin-Header-1

string

Required for CORS requests only. Set to the Origin URI from which you are allowed to send a request using CORS.

://:

Port is optional. Do not include path information. Add as many comma-delimited URIs as you like, limited only by header length. You can use additional headers if needed.

For example,

https://www.foo.com,https://doggerel.com:4567

You can use as many headers as you want.

For more information, see Logging a User in Via API and Create Session Via API Token.

Request Parameters

username_or_email

required

string

Set to the username or email of the user that you want to log in.

password

required

string

Set to the password of the user that you want to log in.

subdomain

required

string

Set to the subdomain of the user that you want to log in.

For example, if your hoanhtao3d.vn URL is splinkly.hoanhtao3d.vn.com, enter splinkly as the subdomain value.

Custom Domains

When a custom domain is in use you still need to provide your original hoanhtao3d.vn subdomain in this field. Do not use the custom domain here.

fields

string

Optional. A comma-separated list of user fields to return.

If this attribute is omitted, then by default the user's id, firstname, lastname, email, and username will be returned.

Otherwise only the list of fields supplied will be returned. For a full list of possible user fields see user resource.

To return custom attributes prefix the field with `custom_attributes`.

{ "fields": "id, firstname, custom_attributes.employeeNumber" }

Request Body

{ "username_or_email":"", "password":"", "subdomain":""}

Sample Response

This is what a 200 OK response looks like when MFA is not required.

{ "status": { "type": "success", "message": "Success", "code": 200, "error": false }, "data": [ { "status": "Authenticated", "user": { "username": "kinua", "email": "kinua.wong

{
  "status": {
    "type": "success",
    "code": 200,
    "message": "MFA is required for this user",
    "error": false
  },
  "data": [
    {
      "user": {
        "email": "jennifer.hasenfus@hoanhtao3d.vn.com",
        "username": "jhasenfus",
        "firstname": "Jennifer",
        "lastname": "Hasenfus",
        "id": 88888888
      },
      "state_token": "xf4330878444597bd3933d4247cc1xxxxxxxxxxx",
      "callback_url": "https://api.us.hoanhtao3d.vn.com/api/1/login/verify_factor",
      "devices": [
        { "device_type": "hoanhtao3d.vn OTP SMS", "device_id": 111111 },
        { "device_type": "Google Authenticator", "device_id": 444444 }
      ]
    }
  ]
}

{ "status": { "type": "bad request", "code": 400, "message": "MFA is required but the user has not set up any factors", "error": true }, "error_method": true }

{ "status": { "code": 400, "error": true, "message": "Input JSON is not valid", "type": "bad request" }}

{ "status": { "type": "bad request", "code": 400, "message": "user is unlicensed", "error": true }}

Typically, the following error means that your email_or_username and/or subdomain values are invalid.

{ "status": { "error": true, "code": 400, "type": "bad request", "message": "bad request" }}

This error means that your password has expired.


{ "status": { "type": "Unauthorized", "message": "Password expired", "error": true, "code": 401 }}

Typically, the following error means that your password is incorrect.

{ "status": { "code": 401, "error": true, "message": "Authentication Failed: Invalid user credentials", "type": "Unauthorized" }}

User account is locked. Usually due to many failed login attempts.

{ "status": { "type": "Unauthorized", "code": 401, "message": "User is locked. Access is unauthorized", "error": true }}

Typically, the following error means that your access token values are incorrect but could also indicate user is suspended or not activated.

{ "status": { "code": 401, "error": true, "message": "Authentication Failed", "type": "Unauthorized" }}

Typically, the following error means that the access token used to make the call was generated using API credentials that have insufficient permissions. This API can be called using the Manage Users or Manage All scope only.

{ "status": { "error": true, "code": 401, "type": "Unauthorized", "message": "Insufficient Permission" }}

Response Elements

expires_at

Date and time at which the session token will expire. Tokens expire two minutes after creation.

Returned only when MFA is not required.

return_to_url

Returns the return_to_url value sent in the request, if applicable.

Returned only when MFA is not required.

session_token

Provides the session token that can be used to log the user in.

In cases in which you are using this API to simply delegate authentication, you can treat this token as a confirmation that the user has been authenticated.

Returned only when MFA is not required.

status

Authenticated: Indicates that the username_or_email and password values sent in the request are valid.

Returned only when MFA is not required.

user

Provides information about the user that will be logged in via the session token.

email, firstname, id, lastname, username

state_token

Provides the state_token value that must be submitted with each Verify Factor API call until the session login token has been issued.

Returned only when MFA is required.

callback_url

Provides the Verify Factor API endpoint to which the device_id, state_token, and otp_token must be sent for verification.

Returned only when MFA is required.

devices

Provides device values that must be submitted with the Verify Factor API call.

device_type: Lists an available MFA device type, such as hoanhtao3d.vn OTP SMS, Google Authenticator, or Duo Security.

When the device type is Duo Security, two additional elements are returned:

duo_sig_request

duo_api_hostname

Returned only when MFA is required.
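
The delegated-authentication check described above, as an added example (not code from the original page or from the API vendor): a 200 OK that carries a state_token means MFA is still pending, so only a response with status Authenticated and a session_token counts as proof of authentication. The function name, outcome labels and sample bodies are constructed for illustration, following the response shapes documented on this page.

```python
import json

def classify_login_response(http_status, body_text):
    """Return (outcome, log_detail) for a Create Session Login Token reply.

    outcome: "authenticated", "mfa_required", "denied" or "error".
    Anything other than "authenticated" must be treated as not logged in.
    """
    try:
        body = json.loads(body_text)
    except (TypeError, ValueError):
        return "error", "response body is not valid JSON"
    if not isinstance(body, dict):
        return "error", "response body is not a JSON object"
    status = body.get("status")
    if not isinstance(status, dict):
        status = {}
    message = str(status.get("message", ""))
    if http_status == 401:
        # Keep the specific reason (locked, expired, ...) for logs only;
        # show the end user one generic failure message.
        return "denied", message
    if http_status != 200 or status.get("error") is not False:
        return "error", message
    data = body.get("data")
    entry = {}
    if isinstance(data, list) and data and isinstance(data[0], dict):
        entry = data[0]
    if entry.get("state_token"):
        # 200 OK, but the user still has to pass Verify Factor.
        return "mfa_required", message
    if entry.get("status") == "Authenticated" and entry.get("session_token"):
        return "authenticated", message
    return "error", "200 OK without session_token or state_token"

# Constructed sample bodies (placeholder tokens, not real values).
SAMPLE_OK = ('{"status": {"type": "success", "message": "Success", "code": 200,'
             ' "error": false}, "data": [{"status": "Authenticated",'
             ' "user": {"username": "kinua"},'
             ' "session_token": "EXAMPLE-SESSION-TOKEN"}]}')
SAMPLE_MFA = ('{"status": {"type": "success", "code": 200,'
              ' "message": "MFA is required for this user", "error": false},'
              ' "data": [{"user": {"username": "jhasenfus"},'
              ' "state_token": "EXAMPLE-STATE-TOKEN", "devices":'
              ' [{"device_type": "Google Authenticator", "device_id": 444444}]}]}')
SAMPLE_LOCKED = ('{"status": {"type": "Unauthorized", "code": 401, "message":'
                 ' "User is locked. Access is unauthorized", "error": true}}')
```
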

Postman Collection

Be sure to set Postman-specific environment variables indicated by {{}}.


Download for the Users API

Sample Code

cURL

Replace sample values indicated by with your actual values.

curl "https:///api/1/login/auth" \
  -X POST \
  -H "Authorization: bearer: " \
  -H "Content-Type: application/json" \
  -d '{ "username_or_email": "", "password": "", "subdomain": "" }'

If you are using a CORS request to post the session token, add:

-H "Custom-Allowed-Origin-Header-1: " where https://www.foo.com is the exact URL of the site from which the CORS request will be posted.
