Search Results
-
Using PhenixID HTTP API to send SMS
Updated on: Oct 03, 2019To use the API, one method is called. It will return:
- HTTP Status code 200 if SMS was sent ok.
- HTTP Status code 403 if SMS could not be sent
-
Using PhenixID HTTP API for Token OTP authentication
To use the API, fetch username and OTP from the end user and send it to the API endpoint.
-
Using PhenixID HTTP API for Swedish BankID authentication
To use the API, two methods must be called. The first API method call is to trigger the authentication. This will return a transaction ID value. The second API method call will poll the status of the authentication. The API client must poll until a status=OK or an error is returned.
-
Using PhenixID HTTP API for Swedish Freja eID authentication
To use the API, two methods must be called. The first API method call is to trigger the authentication. This will return a authRef value. The second API method call will poll the status of the authentication. The API client must poll until a status=APPROVED, CANCELED, RP_CANCELED or EXPIRED is returned.
-
Using PhenixID HTTP API for PhenixID OneTouch authentication (push)
To use the API, two methods must be called. The first API method call is to trigger the authentication. This will return an assignment ID value. The second API method call will poll the status of the authentication. The API client must poll the authentication until a authentication-process-done status is returned.
-
Using PhenixID HTTP API to get OTP based on called-in phone number
The use case behind this API call:
- The end user will retreive one-time-password by calling to a specific phone number (company phone system)
- The company phone system will pick up the phone number of the called-in user
- The company phone system will call out to this api, sending in the phone number of the called-in user
- PhenixID MFA server will search for the user (based on the received phone number)
- If the user is found, an OTP will be generated and bound to the userID
- The PhenixID HTTP API will return the OTP value to the calling API client (the company phone system)
- The company phone system will automatically echo the one-time-password to the end user.
- API function end
After the api call:
- The end user will enter username, password and OTP (the service protected may vary) and click Login
- Username, password and OTP will be sent to PhenixID MFA server
- PhenixID MFA server will validate the password (against the user directory) and the OTP
- If validation is ok, user will be logged in.
NB! This scenario can also be used for username+OTP based logins.
-
Using PhenixID HTTP API for session verification (get userID and authentication method)
To use the API, one method is called. It will return:
- HTTP Status code 200 if session is still valid. Authentication method (auth_method) and user ID (userid) will be returned.
- HTTP Status code 403 if session is not valid.
-
Using PhenixID HTTP API for NetID Access (SITHS/EFOS/Myndighets CA/Own CA) authentication
To use the API, two methods must be called. The first API method call is to trigger the authentication. This will return a transaction ID value. The second API method call will poll the status of the authentication. The API client must poll until a status=COMPLETE or an error is returned.