HTTP Authentication API

Similar documents
Authentication API SecurAccess API Guide Version /18

Black Box DCX3000 / DCX1000 Using the API

All requests must be authenticated using the login and password you use to access your account.

Manage Workflows. Workflows and Workflow Actions

Lecture 7b: HTTP. Feb. 24, Internet and Intranet Protocols and Applications

Using CSE Cisco Anyconnect with 2FA

Hypertext Transport Protocol

Using MFA with the Pulse Client

Lab 2. All datagrams related to favicon.ico had been ignored. Diagram 1. Diagram 2

Enroll in Two factor Authentication - iphone

REST Admin API. Note: Version 9.X or higher is required for the support of REST API. Version /17

We currently are able to offer three different action types:

OAM 2FA Value-Added Module (VAM) Deployment Guide

Online Banking Initial Log In Instructions. Go to and enter your username: Ex JaneDoe

The HTTP protocol. Fulvio Corno, Dario Bonino. 08/10/09 http 1

RESTful API SecurAccess RESTful API Guide

INTERNET ENGINEERING. HTTP Protocol. Sadegh Aliakbary

Module 3 Web Component

Way2mint SMS Mobile Terminate (MT) API Guide for HTTP HTTPS

HTTP Console Documentation

Secured by RSA Implementation Guide for Software Token Authenticators

WWW: the http protocol

Wireshark Lab: HTTP SOLUTION

MSU Authorized User Campus Access Procedure, Campus VPN

a. Send Me a Push A DUO MOBILE Login request will appear on your Smartphone or Tablet. To authenticate:

Getting Started Using Cisco License Manager

OXE Free desktop Guide

HTTP 1.1 Web Server and Client

The production version of your service API must be served over HTTPS.

External HTTPS Trigger AXIS Camera Station 5.06 and above

Backend Development. SWE 432, Fall 2017 Design and Implementation of Software for the Web

Data Exchange via ProjektPortal

Controller/server communication

ENERGY MANAGEMENT INFORMATION SYSTEM. EMIS Web Service for Sensor Readings. Issue

QUICK REFERENCE GUIDE. Managed Network Security Portal Multi-Factor Authentication

Authentication Options

REST. Lecture BigData Analytics. Julian M. Kunkel. University of Hamburg / German Climate Computing Center (DKRZ)

Duo Enrollment for DA Employees

C22: Browser & Web Server Communication

RapidIdentity Mobile Guide

Approving Journal Entries

Introduction to HTTP. Jonathan Sillito

CS 43: Computer Networks. Layering & HTTP September 7, 2018

MFA Pilot Instructions

Project 2 Implementing a Simple HTTP Web Proxy

Active Sync Devices: Procedures and Policies

SurePassID Local Agent Guide SurePassID Authentication Server 2016

Infoblox Authenticated DHCP

Project 2 Group Project Implementing a Simple HTTP Web Proxy

Sage CRM 2018 R3 Release Notes. Updated: August 2018

Wireshark HTTP. Introduction. The Basic HTTP GET/response interaction

Sophos Mobile SaaS startup guide. Product version: 7.1

HTTP Requests and Header Settings

UA-Tester.... or why Web-Application Penetration Testers are only getting half the story

Service User Manual. Outlook By SYSCOM (USA) May 2, Version 2.0. Outlook 2007 Ver. 2.0

Nasuni Data API Nasuni Corporation Boston, MA

Entrust Soft Token User Guide. About Entrust Soft Tokens. Installing the Soft Token on a device

Electronically Prescribing Controlled Substances

ICE CLEAR EUROPE DMS GLOBAL ID CREATION USER GUIDE VERSION 1.0

Controller/server communication

Mobile Login Extension User Manual

Application Level Protocols

Highwinds CDN Content Protection Products. August 2009

Barracuda Networks NG Firewall 7.0.0

ST-1 Software Token. QUICK Reference

Accessing Positive Networks on an ipad/iphone

Nasuni Data API Nasuni Corporation Boston, MA

How to Integrate RSA SecurID with the Barracuda Web Application Firewall

SecurEnvoy Microsoft Server Agent

MFA Instructions. Getting Started. 1. Go to Apps, select Play Store 2. Search for Microsoft Authenticator 3. Click Install

SurePassID ServicePass User Guide. SurePassID Authentication Server 2017

CSSE 460 Computer Networks Group Projects: Implement a Simple HTTP Web Proxy

REGISTERING YOUR BYOD DEVICE

How to Set Up a Custom Challenge Page for Authentication

Notification Services

Nabto SDK Nabto Serial Link Protocol

COSC 2206 Internet Tools. The HTTP Protocol

HashCookies A Simple Recipe

Using OAuth 2.0 to Access ionbiz APIs

Crystal Enterprise. Overview. Contents. Web Server Overview - Internet Information System (IIS)

TM-H6000V. WebConfig API User's Manual. Overview. Web API Specification. Reference. M Rev.A. Describes an overview of WebConfig API.

Yioop Full Historical Indexing In Cache Navigation. Akshat Kukreti

External Authentication with Windows 2008R2 Server with Remote Desktop Web Gateway Authenticating Users Using SecurAccess Server by SecurEnvoy

MANTRA REGISTERED DEVICE SERVICE WINDOWS MANTRA SOFTECH INDIA PVT LTD

Using the Cisco Unified Analysis Manager Tools

KB181: Gaining Secure Remote Access via Citrix

REST Easy with Infrared360

Error Sending Dav Request. Http Code 401 Status 'unauthorized'

Web Intelligence Rich Client Getting Started Business Objects 4.1

User Guide. Version R92. English

WEB TECHNOLOGIES CHAPTER 1

Citrix Systems, Inc. Web Interface

SecurEnvoy Microsoft Server Agent Installation and Admin Guide v9.3

Outlook 2010 Exchange Setup Guide

Security Access Manager 7.0

SMS-Bulk Gateway HTTP interface

Browser Set-Up Instructions

Data Sources. Data Sources Page

Duo Security Enrollment Guide

Sophos Mobile as a Service

Transcription:

HTTP Authentication API Note: Both GET (URL format) and POST http requests are supported. Note that POST is considered better security as URL data can be cached in the browser. HTTP URL Format http(s)://your_securenvoy_server/secserver?flag=desktop&version=2.0&status=auth&userid=(my_userid)&passcode=(6 digit passcode to check)& SESSIONKEY=(SESSIONKEY value if known)&custommessage=(optional push,sms message) HTTP Post Format POST to http(s)://your_securenvoy_server/secserver/securectrl.exe Headers Content-Type: text/html; charset=utf8 Data FLAG: DESKTOP USERID:(Userid of user authenticating including domain example fred@mydomain.com) PASSCODE:(6 digit passcode to check) SESSIONKEY:(return this from previous SESSIONKEY value if known) CUSTOMMESSAGE:(optional push message URL Encoded with UTF8) Return (the server sides version for information only) or ERR and an error message, DENIED or CHALLENGE Additional Return If AUTH:CHALLENGE SESSIONKEY:(This key MUST be return in the next connection) REALTIMECHALLENGE:(Optional, if return this text should be displayed to the user)

Flow Diagram Send Data to Server Challenge Return Err Exit and Display Error Message Ok Auth Denied Access Denied Ok Access Accepted

Example HTTP URL for Two Step SMS Realtime Step 1: Client sends the following URL https://your_securenvoy_server/secserver?flag=desktop&version=2.0& STATUS=AUTH&USERID= fred@mydomain.com &PASSCODE= AUTH:CHALLENGE SESSIONKEY:SE4E3A0A6202452F87F5757AD407003AA4D5295BB2 REALTIMECHALLENGE:Enter Your 6 Digit Passcode GETPASSCODE:True Step 3: As CHALLENGE was returned, client sends the following https://your_securenvoy_server/secserver?flag=desktop&version=2.0& STATUS=AUTH&USERID= fred@mydomain.com &PASSCODE=234123& SESSIONKEY=SE4E3A0A6202452F87F5757AD407003AA4D5295BB2 Step 4: Server returns:

Example HTTP Post for Two Step SMS Realtime Step 1: Client sends the following raw data Content-Type: text/html; charset=utf8 (2 carriage returns to end html headers) PASSCODE: leave this blank as it s not known at this stage) AUTH:CHALLENGE SESSIONKEY:SE4E3A0A6202452F87F5757AD407003AA4D5295BB2 REALTIMECHALLENGE:Enter Your 6 Digit Passcode GETPASSCODE:True Step 3: Client sends the following PASSCODE:234123 (The 6 digit passcode entered by the user) SESSIONKEY:SE4E3A0A6202452F87F5757AD407003AA4D5295BB2 Step 4: Server returns:

Example Post for Pre-Loaded SMS In One Step Step 1: Client sends the following Content-Type: text/html; charset=utf8 PASSCODE:234123 (The 6 digit passcode entered by the user)

Example HTTP Post for Push with off-line Failover Step 1: Client sends the following raw data Content-Type: text/html; charset=utf8 (2 carriage returns to end html headers) STATUS:INIT (this will send the push request to the user) CUSTOMMESSAGE:(optional, message to display in push notification, must be URL encoded with UTF8) USERID:fred@mydomain.com (the userid of the user authenticating with PUSH) GETPASSCODE:False (Push returned OK and Authentication is OK) OR GETPASSCODE:True (Push rejected or timed out, need to prompt for a passcode) Step 3: Only required if GETPASSCODE:True returned PASSCODE:234123 (The 6 digit passcode entered by the user) Step 4: Server returns:

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback