RapidIdentity Product Guide: New UI

QR Code Authentication Method

The QR Code authentication method differs from the methods described so far: it can be used to initiate the authentication process, and it can also serve as an additional factor after authentication has been initiated through one of the standard initialization schemes.

As Initialization

At the API level, a QR code may be used to initialize the authentication process if the response to the initialization request contains the property allowQRCodeScan with a value of true.

Currently, there are two ways for this to happen:

  1. If there is at least one enabled Authentication Policy whose first enabled method is QR Code

  2. If there is at least one enabled Authentication Policy whose insecureQRIdEnabled flag is set to true

HTTP/1.1 200 OK
Content-Type: application/json

{
  "type": "username+password",
  "id": "35bf1450-2dbe-11e6-8a8b-005056c00008",
  "allowQRCodeScan": true,
  "claimAccountLink": {
    "href": "/arms/claim/",
    "displayName": "Claim My Account"
  },
  "helpLinks": [
    {
      "href": "/arms/forgotmyusername",
      "displayName": "Forgot My Username"
    },
    {
      "href": "/arms/forgotmypassword?redirect_to=/arms",
      "displayName": "Forgot My Password"
    }
  ]
}

To successfully initialize the authentication process with a QR code, the client must send a request containing the value encoded by the QR Code as read by a scanner:

POST /idp/ws/rest/authn HTTP/1.1
Content-Type: application/json
Accept: application/json

{
  "type": "qrCode",
  "id": "35bf1450-2dbe-11e6-8a8b-005056c00008",
  "value": "gobbledygookgibbersih"
}

As an Authentication Step

Here is an example response from the server indicating that QR Code authentication is required as the next step:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "type": "qrCode",
  "id": "e89afb10-2e6e-11e6-b6f0-005056c00008"
}

To successfully complete the QR code authentication step, the client must send a request containing the value encoded by the QR Code as read by a scanner:

POST /idp/ws/rest/authn HTTP/1.1
Content-Type: application/json
Accept: application/json

{
  "type": "qrCode",
  "id": "e89afb10-2e6e-11e6-b6f0-005056c00008",
  "value": "gobbledygookgibbersih"
}
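
The following client-side sketch covers both flows described above; it is an added example, not RapidIdentity code. It decides from a parsed server response whether a QR Code scan is being offered as initialization or required as a step, then builds the request body. The function names qr_mode and build_qr_request are hypothetical, and the sample responses are constructed from the examples on this page.

```python
import json
from typing import Optional

AUTHN_PATH = "/idp/ws/rest/authn"  # endpoint from the requests shown on this page

# Constructed sample responses, trimmed from the two examples on this page.
INIT_RESPONSE = json.loads("""{
  "type": "username+password",
  "id": "35bf1450-2dbe-11e6-8a8b-005056c00008",
  "allowQRCodeScan": true
}""")
STEP_RESPONSE = json.loads("""{
  "type": "qrCode",
  "id": "e89afb10-2e6e-11e6-b6f0-005056c00008"
}""")


def qr_mode(response: dict) -> Optional[str]:
    """Classify a parsed response: 'step', 'init', or None (QR not offered)."""
    if response.get("type") == "qrCode":
        return "step"  # QR Code is required as the next authentication step
    # Accept only the JSON literal true; "true" or 1 must not enable scanning.
    if response.get("allowQRCodeScan") is True:
        return "init"  # QR Code may initialize the process
    return None


def build_qr_request(response: dict, scanned_value: str) -> dict:
    """Return the JSON body to POST to AUTHN_PATH, or raise ValueError."""
    if qr_mode(response) is None:
        raise ValueError("server did not offer QR Code authentication")
    txn_id = response.get("id")
    if not isinstance(txn_id, str) or not txn_id:
        raise ValueError("response has no id to echo back")
    if not isinstance(scanned_value, str) or not scanned_value.strip():
        raise ValueError("scanner returned no value")
    # The scanned value is sent exactly as read, with no trimming or re-encoding.
    return {"type": "qrCode", "id": txn_id, "value": scanned_value}


if __name__ == "__main__":
    for name, resp in (("init", INIT_RESPONSE), ("step", STEP_RESPONSE)):
        body = build_qr_request(resp, "gobbledygookgibbersih")
        print(f"{name}: POST {AUTHN_PATH}\n{json.dumps(body, indent=2)}")
```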