PASSWORD set up - monetplus/IDport GitHub Wiki
PASSWORD set up
This flow describes how to set up new password with already active PASSWORD method.
There are several use-cases that can utilize this flow, e.g.:
- Get method parameters
IAPI/methodParams
- Calculate password hash
- Initiate instance of PASSWORD method
IAPI/initiateInstance
- Activate instance of PASSWORD method
IAPI/activateInstance
Get method parameters
- obtaining method specific parameters
- used parameters:
| Parameter |
Description |
Required |
Value example |
methodType |
type of used method |
true |
["PASSWORD","ACTIVATION_CODE","SMS","CM","SPNEGO","TLS_CLIENT"] |
muid |
user identifier |
true |
cg2t1 |
tenant |
organisation name, if not supplied, default value from configuration is taken |
false |
Monet+ |
- REST API callback:
IAPI/methodParams
POST http://${BASE_URL}/case-iapi/v1/methodParams
{
"tenant": "idport",
"muid": "cg2t1",
"methodType": "PASSWORD"
}
{
"status": "success",
"data": {
"methodSpecific": {
"algType": 2,
"salt": "S4IA9/pt+mOclZ6bRlK48lYktaDdaAJHG16Fot6mXuA="
"complexity": { // optional, based on PASSWORD method configuration
"minLength": 5,
"maxLength": 8,
"requiresDigits": true,
"requiresUppercaseLetters": true,
"requiresLowercaseLetters": true,
"requiresOtherCharacters": true
}
}
}
}
Calculate password hash
- for
algType = 2
- calculation of
password hash = sha256(salt||password) where password is password supplied by user and salt is parameter .data.methodSpecific.salt from IAPI/activateMethod response.
Initiate instance of PASSWORD method
- creating instance in INITIATED state and saving the password hash
- used parameters:
| Parameter |
Description |
Required |
Value example |
methodType |
type of used method |
true |
["PASSWORD","ACTIVATION_CODE","SMS","CM","SPNEGO","TLS_CLIENT"] |
muid |
user identifier |
true |
cg2t1 |
name |
instance friendly name |
false |
Swagger instance test name |
tenant |
organisation name, if not supplied, default value from configuration is taken |
false |
Monet+ |
methodSpecific.value |
base64-encoded password hash (according to algorithm type) |
false |
BRS2IIsHA/vX+burYewoRgi+DMXvOb+wabBiUMtNNPM= |
- REST API callback:
IAPI/initiateInstance
POST http://${BASE_URL}/case-iapi/v1/initiateInstance
{
"tenant": "idport",
"muid": "cg2t1",
"methodType": "PASSWORD",
"methodSpecific": {
"value": "3tlKBG08EWYnu2a3hcSGK0y7/seAUKFHqIwWCn99K00="
},
"name": "JMTest - 2020-07-29 08-23-44.114"
}
{
"status": "success",
"data": {
"instanceInfo": {
"@type": "cz.monetplus.idport.component.model.InstanceInfo",
"instanceId": "PASSWORD:9b2460c2-7e57-4481-8561-19a1753afeb1:cg2t1",
"state": "INITIATED",
"instanceName": "JMTest - 2020-07-29 08-23-44.114"
}
}
}
Activate instance of PASSWORD method
- confirmation of activation and transition of instance state to ACTIVE
- used parameters:
| Parameter |
Description |
Required |
Value example |
instanceId |
instance identifier |
true |
9e67b9e786c8a156b6135107841ed44c12e93420be366a02ba91f6fd0efc84c3 |
methodType |
type of used method |
true |
["PASSWORD","ACTIVATION_CODE","SMS","CM","SPNEGO","TLS_CLIENT"] |
muid |
user identifier |
true |
cg2t1 |
tenant |
organisation name, if not supplied, default value from configuration is taken |
false |
Monet+ |
- REST API callback:
IAPI/activateInstance
POST http://${BASE_URL}/case-iapi/v1/activateInstance
{
"tenant": "idport",
"muid": "cg2t1",
"methodType": "PASSWORD",
"instanceId": "PASSWORD:9b2460c2-7e57-4481-8561-19a1753afeb1:cg2t1"
}
{
"status": "success",
"data": {
"instanceInfo": {
"@type": "cz.monetplus.idport.component.model.InstanceInfo",
"instanceId": "PASSWORD:9b2460c2-7e57-4481-8561-19a1753afeb1:cg2t1",
"state": "ACTIVE",
"instanceName": "JMTest - 2020-07-29 08-23-44.114"
}
}
}