Using QRLogin in the API client
To use the qrlogin password less API as the authentication method for your application (API client), follow the prerequisites and use Client for URLs (cURL) to get or send the API requests.
Procedure
- Comply with the Prerequisites.
- Initiate a new QR Login. See Initiate a new QRLogin.
- Poll for completion of an existing QR Login verification. See Poll for completion of an existing QRLogin verification.
- Verify an existing QR Login verification. See Verify an existing QRLogin verification.
- Retrieve successfully verified QR Login request. See Retrieve successfully verified QR Login request.
- Delete a specific verification. See Delete QR Login verification.
Initiate a new QRLogin
{{profile.id}}
with a valid an
IBM Verify registered profile identifier. See Managing registration profiles.'https://{{tenant}}/v2.0/factors/qr/authenticate?profileId={{profile.id}}' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json'
Examplecurl -X GET \
'https://companyAppTest.verify.ibm.com/v2.0/factors/qr/authenticate?profileId=9fe42f1c-3d22-4d2c-99a0-8ff08c93c4b0' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json'
Example
output
response{
"lsi": "zj4lyRfYFlnJcxZYPxKJXR0OB",
"created": "2019-04-01T00:35:18.951Z",
"type": "qr",
"serviceName": "IBM Verify",
"qrCode": " iVBORw0KEUgAAASwAAAEsCAIAAAD2HxkiA",
"profileId": "9fe42f1c-3d22-4d2c-99a0-8ff08c93c4b0",
"location": "https://companyAppTest.verify.ibm.com/v2.0/factors/qr/77348a7f-03b2-494f-a5d4-9a1603ae1592",
"id": "77348a7f-03b2-494f-a5d4-9a1603ae1592",
"expiry": "2019-04-01T00:36:18.951Z",
"state": "PENDING",
"dsi": "NxyVx0412btOrdx1xZJqTPfVPoCRHq3wG1s5udzt",
"updated": "2019-04-01T00:35:18.951Z",
"tenant": " companyAppTest.verify.ibm.com "
}
b64QRCode
in a Base64-encoded
QR Code text converter.Poll for completion of an existing QRLogin verification
Use the following cURL command to retrieve qrlogin request to poll for completion of an existing QR Login verification from an unauthenticated context.
curl -X GET \
'https://{{tenant}}/v2.0/factors/qr /{{qrlogin.ci.id}}?dsi={{qrlogin.dsi}}' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json'
{{qrlogin.ci.id}}
and {{qrlogin.dsi}}
with the values of cloud
identifier ID, and device session index that are returned when you initiated a new
qrlogin request.
curl -X GET \
'https://companyAppTest.verify.ibm.com/v2.0/factors/qr/authenticate/77348a7f-03b2-494f-a5d4-9a1603ae1592?dsi=IJL1IM9GFJLL3NK39MM2E3HN39IGH8LENENGIG2G' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json'
Example
output
response{
"created": "2019-04-01T00:42:44.456Z",
"profileId": "9fe42f1c-3d22-4d2c-99a0-8ff08c93c4b0",
"location": "https://companyAppTest.verify.ibm.com/v2.0/factors/qr/77348a7f-03b2-494f-a5d4-9a1603ae1592",
"id": "77348a7f-03b2-494f-a5d4-9a1603ae1592",
"expiry": "2019-04-01T00:43:44.456Z",
"state": "PENDING",
"type": "qr",
"serviceName": "IBM Verify",
"updated": "2019-04-01T00:42:44.456Z",
"tenant": "companyAppTest.verify.ibm.com"
}
Verify an existing QRLogin verification
The verifyAuthenticator API security entitlement is required to verify and existing QRLogin verification.
{
"lsi": "{{qrlogin.lsi}}"
}
{{qrlogin.lsi}}
with the digits of the login session index (LSI) that you received
after initiation of new qrlogin request. The length of the LSI is a variable that
is based on the configuration. For example,{
"lsi": “B1CAE3”
}
curl -X POST \
https://{{tenant}}/v2.0/factors/qr/{{qrlogin.ci.id}} \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {{authenticator_access_token}}' \
-H 'Content-Type: application/json' \
-d @verify-qrlogin-payload.json
- The
authenticator_access_token
must be the one from the IBM Security Verify registration. - Replace the
{{qrlogin.ci.id}}
with the value of cloud identifier ID that is returned when you initiated a new qrlogin request.
curl -X POST \
https://companyAppTest.verify.ibm.com/v2.0/factors/qr/77348a7f-03b2-494f-a5d4-9a1603ae1592 \
-H 'Accept: application/json' \
-H 'Authorization: Bearer 4hFZq9U73P3MPEA40KcF54i77Z0mDhZba0InrzUe' \
-H 'Content-Type: application/json' \
-d @verify-qrlogin-payload.json
Example
output responseStatus Code: 204
Retrieve successfully verified QR Login request
Use the following cURL command to retrieve qrlogin request to poll for completion of an existing QR Login verification from an unauthenticated context.
curl -X GET \
'https://{{tenant}}/v2.0/factors/qr /{{qrlogin.ci.id}}?dsi={{qrlogin.dsi}}' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json'
{{qrlogin.ci.id}}
with the value of cloud identifier ID that is returned when
you initiated a new qrlogin
request.curl -X GET \
'https://companyAppTest.verify.ibm.com/v2.0/factors/qr/authenticate/77348a7f-03b2-494f-a5d4-9a1603ae1592?dsi=IJL1IM9GFJLL3NK39MM2E3HN39IGH8LENENGIG2G' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json'
Example
output
response{
"updatedBy": "50FNK72W4C",
"created": "2019-04-01T00:45:13.441Z",
"profileId": "9fe42f1c-3d22-4d2c-99a0-8ff08c93c4b0",
"location": "https://companyAppTest.verify.ibm.com/v2.0/factors/qr/77348a7f-03b2-494f-a5d4-9a1603ae1592",
"id": "9df8af9c-b5eb-4b47-b518-725ac43ccccc",
"expiry": "2019-04-01T00:46:13.441Z",
"state": "SUCCESS",
"type": "qr",
"serviceName": "IBM Verify",
"userId": "50FNK72W4C",
"updated": "2019-04-01T00:45:19.256Z",
"tenant": "companyAppTest.verify.ibm.com"
}
Delete QR Login verification
The authnAnyUser API security entitlement is required to delete an existing QRLogin verification.
Use the following cURL command to delete a qrlogin verification record.
curl -X DELETE \
https://{{tenant}}/v2.0/factors/qr/{{qrlogin.ci.id}} \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {{access_token}}' \
-H 'Content-Type: application/json'
{{qrlogin.ci.id}}
with the value of cloud identifier ID that is returned when
you initiated a new qrlogin
request.curl -X DELETE \
https://companyAppTest.verify.ibm.com/v2.0/factors/qr/9df8af9c-b5eb-4b47-b518-725ac43ccccc \
-H 'Accept: application/json' \
-H 'Authorization: Bearer 4hFZq9U73P3MPEA40KcF54i77Z0mDhZba0InrzUe ' \
-H 'Content-Type: application/json'
Example
output responseStatus Code: 204