Implementing Two Factor Authentication
Guillaume Viguier-Just edited this page Oct 14, 2019 · 3 revisions
HID supports two-factor authentication (2FA) only through an application (for example, Google Authenticator). 2FA via SMS is not supported, and there is no immediate plan to support it in the future.
To enable 2FA via an application, your client application needs to call the following API methods in this order:
- POST /api/v2/totp/qrcode: this method generates a QR code (as a base64 image URL). The QR code needs to be read by Google Authenticator (or any other 2FA application) so that the 2FA key can be added to the user's 2FA application.
- POST /api/v2/totp: call this method with `{method: 'app'}` in the request payload and the 2FA code in the `X-HID-TOTP` header. This enables 2FA for the current user.
- GET /api/v2/totp: call this method with the 2FA code in the `X-HID-TOTP` request header. An empty 200 response means that the code is valid. This method is there for testing purposes only.
- DELETE /api/v2/totp: call this method to disable TOTP.
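The enabling sequence above as a client-side sketch in Python. This is an added example, not code from the HID project: `send`, `show_qrcode`, `read_code` and `fake_send` are hypothetical names. It assumes 6-digit codes, that the transport hands back the QR code data URL as the response body, and that the POST calls answer with a 2xx status on success.

```python
import base64
import json
import re

TOTP_PATH = "/api/v2/totp"


def decode_qrcode(data_url):
    """Split the base64 image URL from step 1 into (mime type, image bytes)."""
    match = re.fullmatch(r"data:(image/[\w.+-]+);base64,([A-Za-z0-9+/=]+)", data_url)
    if match is None:
        raise ValueError("not a base64 image data URL")
    return match.group(1), base64.b64decode(match.group(2), validate=True)


def build_request(method, path, code=None, payload=None):
    """Describe one call; the 2FA code travels only in the X-HID-TOTP header."""
    headers = {}
    if code is not None:
        if re.fullmatch(r"\d{6}", code) is None:  # assumption: 6-digit codes
            raise ValueError("2FA code must be exactly 6 digits")
        headers["X-HID-TOTP"] = code
    body = json.dumps(payload) if payload is not None else None
    return {"method": method, "path": path, "headers": headers, "body": body}


def enable_2fa(send, show_qrcode, read_code):
    """Steps 1-3 in order; send(request) -> (status, body) is a hypothetical transport."""
    status, data_url = send(build_request("POST", TOTP_PATH + "/qrcode"))
    if not 200 <= status < 300:
        raise RuntimeError("QR code request failed")
    show_qrcode(*decode_qrcode(data_url))  # only a well-formed image is displayed
    status, _ = send(build_request("POST", TOTP_PATH, read_code(), {"method": "app"}))
    if not 200 <= status < 300:
        raise RuntimeError("enabling 2FA failed")
    status, body = send(build_request("GET", TOTP_PATH, read_code()))
    return status == 200 and not body  # empty 200 means the code is valid


def fake_send(request):
    """Constructed stand-in for the HID server so the flow runs offline."""
    if request["path"].endswith("/qrcode"):
        return 200, "data:image/png;base64," + base64.b64encode(b"constructed").decode()
    return 200, ""


if __name__ == "__main__":
    print(enable_2fa(fake_send, lambda mime, img: print(mime, len(img)), lambda: "123456"))
```

In a real client, `send` would attach the user's API credentials and `read_code` would prompt the user for the code shown by their 2FA application.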