RapidIdentity Product Guide: New UI

SMS Authentication Method

Here is an example response from the server indicating that SMS authentication is required as the next step:

HTTP/1.1 200 OK 
Content-Type: application/json
{
  "type": "sms",
  "id": "beaa50c0-4a9a-11e5-ae5f-0050b6c32ffc"
}

This indicates that RapidFederation was able to successfully call out to the SMS provider to send a One-Time Password (OTP) to the user's mobile device.

In addition to sending the standard id and type properties with the next request, the otpCode should be included with the value the user received on their device.

POST /idp/ws/rest/authn HTTP/1.1 
Content-Type: application/json 
Accept: application/json
{
  "type": "sms",
  "id": "beaa50c0-4a9a-11e5-ae5f-0050b6c32ffc",
  "otpCode": "123456"
}
Re-sending the OTP

Please note that this will negate the original code and in the event that the user receives both codes, the latest one is the only one which will work.

If the user wishes for RapidFederation to re-send the OTP code to their device the following request can be made:

POST /idp/ws/rest/authn HTTP/1.1 
Content-Type: application/json 
Accept: application/json
{
  "type": "sms",
  "id": "beaa50c0-4a9a-11e5-ae5f-0050b6c32ffc",
  "forceNewAuthz": true
}