Skip to main content

1E 8.1 (on-premises)

Authentication

Entity - Authentication - Handles user authentication

Verb

Request

Notes

Permissions required

POST

/Consumer/Authentication

Authenticates given user

Post body:

Payload example

{
        "UserName": "user name",
        "Password": "pwd"
}

none

POST

/ConsumerAuthentication/Token

To send instruction authentication token.

Used by instruction Two Factor Authentication

Post body:

Payload

{
        "InstructionId" : 1,
        "Token": "ABC"
}

Warning

This is obsolete since v3.1 to support scheduled instructions. Use /Consumer/Authentication/Instruction/Token instead.

Only the user creating the instruction is allowed to call.

POST

/Consumer/Authentication/Instruction/Token

To send instruction authentication token.

Used while doing two-factor authentication.

Request Payload

{
        "Id" : 1,
        "Token": "ABC"
}

Note

Since v3.1

Only the user creating the instruction is allowed to call.

POST

/Consumer/Authentication/ScheduledInstruction/Token

To send scheduled instruction authentication token.

Used while doing two-factor authentication.

Request Payload

{
        "Id" : 1,
        "Token": "ABC"
}

Note

Since v3.1

Only the user creating the scheduled instruction is allowed to call.

POST

/Consumer/Authentication/AuthorizeDevice

API versions up to and including 3.3. Unavailable in versions 4.0 onwards.

Authorizes or rejects a mobile device to be used for two factor authentication

Payload

{
        "RequestId": 1,
        "RequestGuid": "",
        "Authorized" : true,
        "Comment" : ""
}

Request Id and GUID must be supplied and must belong to a valid request.

Authorized should be true if the device should be authorized for 2FA or false if you wish to reject the request.

Comment is optional

Requires 'Write' permission on 'Security'

GET

/Consumer/Authentication/AuthorizationRequests?getall=true|false

API versions up to and including 3.3. Unavailable in versions 4.0 onwards.

Returns authorization requests in the system

If getall is set to true, all requests will be returned. If it is set to false only pending requests are returned.

Return payload

{
        "Id": 1,
        "UserName": "",
        "UserEmail": "",
        "RequestGuid": "",
        "DeviceType": "",
        "CreatedTimestampUtc": "",
        "ModifiedTimestampUtc": "",
        "Manufacturer": "",
        "Model": "",
        "OsVersion": "",
}

Requires 'Read' permission on 'Security'

GET

/Consumer/Authentication/AuthorizationRequests/{id}

API versions up to and including 3.3. Unavailable in versions 4.0 onwards.

Returns a specific authorization request.

Return payload as above

Requires 'Read' permission on 'Security'