TOTP API is supported by Ubisecure SSO as of version 8.6
Introduction
TOTP API enables administrators to manage the TOTP secrets of the users. With TOTP API it's possible to manage the secrets for users in other types of directories in addition to Ubilogin Directory.
Recommendation
. 2 . ( ) 2 , .
The API calls available are:
- PUT /totp/api/v1/methods/{method} - Configures the TOTP method for a user
- DELETE /totp/api/v1/methods/{method} - Deletes the TOTP method from a user
- GET /totp/api/v1/methods/{method} - Gets the TOTP method status for a user
API documentation
TOTP API is documented using Swagger. In order to access the API specification, you can enable the API documentation as instructed in TOTP API configuration chapter Enable API documentation. Documentation is accessible in https://<sso-base-url>/totp/swagger-ui/ and it defines the endpoints, payloads, and responses. You can also use the Swagger UI to test the API.
Swagger API specification
The API specification for your installation is available in https://<sso-base-url>/totp/v2/api-docs
Testing the API with the documentation webpage
The Swagger UI has a feature for trying out the different endpoints. A valid access token is required in order to call the endpoints. See TOTP API configuration chapter Verify the API works for instructions on acquiring an access token.
In order to provide an access token to be used in the API calls, click the following button
and write Bearer
followed by an access token in the input field and click Authorize.
After this you can try the different endpoints.
Related content