SMS Authentication Method
Here is an example response from the server indicating that SMS authentication is required as the next step:
HTTP/1.1 200 OK
Content-Type: application/json
{
"type": "sms",
"id": "beaa50c0-4a9a-11e5-ae5f-0050b6c32ffc"
}This indicates that RapidFederation was able to successfully call out to the SMS provider to send a One-Time Password (OTP) to the user's mobile device.
In addition to sending the standard id and type properties with the next request, the otpCode should be included with the value the user received on their device.
POST /idp/ws/rest/authn HTTP/1.1
Content-Type: application/json
Accept: application/json
{
"type": "sms",
"id": "beaa50c0-4a9a-11e5-ae5f-0050b6c32ffc",
"otpCode": "123456"
}Re-sending the OTP
Please note that this will negate the original code and in the event that the user receives both codes, the latest one is the only one which will work.
If the user wishes for RapidFederation to re-send the OTP code to their device the following request can be made:
POST /idp/ws/rest/authn HTTP/1.1
Content-Type: application/json
Accept: application/json
{
"type": "sms",
"id": "beaa50c0-4a9a-11e5-ae5f-0050b6c32ffc",
"forceNewAuthz": true
}