Auth Two Factor
TOTP, OTP, backup code, and enable/disable two-factor methods.
Endpoints and Methods
auth.twoFactor.getTotpUri() -> POST /two-factor/get-totp-uri
auth.twoFactor.verifyTotp() -> POST /two-factor/verify-totp
auth.twoFactor.sendOtp() -> POST /two-factor/send-otp
auth.twoFactor.verifyOtp() -> POST /two-factor/verify-otp
auth.twoFactor.verifyBackupCode() -> POST /two-factor/verify-backup-code
auth.twoFactor.generateBackupCodes() -> POST /two-factor/generate-backup-codes
auth.twoFactor.enable() -> POST /two-factor/enable
auth.twoFactor.disable() -> POST /two-factor/disable
Examples
# Local-development base URL. It is plain HTTP, so the bearer token and the
# passwords / one-time codes in these request bodies travel unencrypted;
# use an https:// origin for anything other than localhost.
ATHENA_AUTH_BASE_URL="http://localhost:3001/api/auth"
# Placeholder. Supply the real token at run time (environment, secret store)
# rather than saving it in a script.
ATHENA_AUTH_TOKEN="<bearer-token>"
# Adjust payload fields using the OpenAPI schema on this page; the -d bodies
# below are placeholders, not valid requests.
# curl exits 0 on HTTP 4xx/5xx responses unless --fail is given, so check the
# status code when scripting these calls.
# auth.twoFactor.getTotpUri() -> POST /two-factor/get-totp-uri
# The contract on this page takes the user password and returns `totpURI`.
# NOTE(review): presumably an otpauth:// URI that embeds the TOTP secret;
# treat it as a credential and keep it out of logs. Confirm the format.
curl -X POST "$ATHENA_AUTH_BASE_URL/two-factor/get-totp-uri" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'
# auth.twoFactor.verifyTotp() -> POST /two-factor/verify-totp
# The request body carries the TOTP `code`.
# NOTE(review): this page does not describe attempt limits for the verify-*
# endpoints; confirm the server rate-limits code verification.
curl -X POST "$ATHENA_AUTH_BASE_URL/two-factor/verify-totp" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'
# auth.twoFactor.sendOtp() -> POST /two-factor/send-otp
# The OpenAPI contract on this page lists no request body for this endpoint.
curl -X POST "$ATHENA_AUTH_BASE_URL/two-factor/send-otp" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'
# auth.twoFactor.verifyOtp() -> POST /two-factor/verify-otp
# The success response in the contract contains a `token` and the `user`
# object; handle the token as a credential.
curl -X POST "$ATHENA_AUTH_BASE_URL/two-factor/verify-otp" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'
# auth.twoFactor.verifyBackupCode() -> POST /two-factor/verify-backup-code
# The success response in the contract contains `session.token`; handle it
# as a credential.
curl -X POST "$ATHENA_AUTH_BASE_URL/two-factor/verify-backup-code" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'
# auth.twoFactor.generateBackupCodes() -> POST /two-factor/generate-backup-codes
# The success response contains `backupCodes`; the output of this command is
# therefore sensitive. Do not leave it in terminal logs or CI output.
curl -X POST "$ATHENA_AUTH_BASE_URL/two-factor/generate-backup-codes" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'
# auth.twoFactor.enable() -> POST /two-factor/enable
# The success response contains both `totpURI` and `backupCodes`; treat the
# whole response as sensitive.
curl -X POST "$ATHENA_AUTH_BASE_URL/two-factor/enable" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'
# auth.twoFactor.disable() -> POST /two-factor/disable
# The request body carries the user password (see the contract on this page).
curl -X POST "$ATHENA_AUTH_BASE_URL/two-factor/disable" \
-H "content-type: application/json" \
-H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
-d '{"...":"See OpenAPI requestBody schema"}'
use reqwest::Client;
use serde_json::json;
// Local-development base URL. It is plain HTTP, so the bearer token and the
// passwords / one-time codes in the request bodies travel unencrypted; use an
// https:// origin for anything other than localhost.
let base_url = "http://localhost:3001/api/auth";
// Placeholder. Load the real token at run time instead of compiling it into
// the binary or committing it to source control.
let token = "<bearer-token>";
// One client, reused for every request below.
let http = Client::new();
// Adjust payload fields using the OpenAPI schema on this page; the JSON bodies
// below are placeholders, not valid requests.
// Every call uses `.await?`, so this snippet belongs inside an async function
// that returns a `Result`.
// `bearer_auth` sends the token in an `Authorization: Bearer` header and
// `json` sends the body as JSON.
// `error_for_status()` turns a 4xx/5xx response into an error; `let _ =` then
// drops the response, so the response body is never read in this sample.
// auth.twoFactor.getTotpUri() -> POST /two-factor/get-totp-uri
// The contract on this page returns `totpURI` for this call.
// NOTE(review): presumably an otpauth:// URI that embeds the TOTP secret;
// treat it as a credential and keep it out of logs. Confirm the format.
let response = http
.post(format!("{base_url}/two-factor/get-totp-uri"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;
// auth.twoFactor.verifyTotp() -> POST /two-factor/verify-totp
// NOTE(review): this page does not describe attempt limits for the verify-*
// endpoints; confirm the server rate-limits code verification.
let response = http
.post(format!("{base_url}/two-factor/verify-totp"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;
// auth.twoFactor.sendOtp() -> POST /two-factor/send-otp
// The OpenAPI contract on this page lists no request body for this endpoint.
let response = http
.post(format!("{base_url}/two-factor/send-otp"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;
// auth.twoFactor.verifyOtp() -> POST /two-factor/verify-otp
// The success response in the contract contains a `token` and the `user`
// object; handle the token as a credential if you read the body.
let response = http
.post(format!("{base_url}/two-factor/verify-otp"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;
// auth.twoFactor.verifyBackupCode() -> POST /two-factor/verify-backup-code
// The success response in the contract contains `session.token`; handle it as
// a credential if you read the body.
let response = http
.post(format!("{base_url}/two-factor/verify-backup-code"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;
// auth.twoFactor.generateBackupCodes() -> POST /two-factor/generate-backup-codes
// The success response contains `backupCodes`; do not write them to logs.
let response = http
.post(format!("{base_url}/two-factor/generate-backup-codes"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;
// auth.twoFactor.enable() -> POST /two-factor/enable
// The success response contains both `totpURI` and `backupCodes`; treat the
// whole response as sensitive.
let response = http
.post(format!("{base_url}/two-factor/enable"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;
// auth.twoFactor.disable() -> POST /two-factor/disable
// The request body carries the user password (see the contract on this page).
let response = http
.post(format!("{base_url}/two-factor/disable"))
.bearer_auth(token)
.json(&json!({
"...": "See OpenAPI requestBody schema"
}))
.send()
.await?;
let _ = response.error_for_status()?;
import { client } from "./auth-client"
// The string literals below are placeholders. In real code the password and
// the codes come from user input at run time, never from source.
// Returns `totpURI` per the contract on this page; the call is made with the
// account password.
await client.auth.twoFactor.getTotpUri({ password: "current-password" })
// Submits the TOTP code to verify.
// NOTE(review): this page does not describe attempt limits for the verify*
// calls; confirm the server rate-limits code verification.
await client.auth.twoFactor.verifyTotp({ code: "123456" })
// Called with no arguments, matching the contract, which lists no request body.
await client.auth.twoFactor.sendOtp()
// The success response in the contract contains a `token` and the `user` object.
await client.auth.twoFactor.verifyOtp({ code: "123456" })
// The success response in the contract contains `session.token`.
await client.auth.twoFactor.verifyBackupCode({ code: "backup-code-value" })
// The success response contains `backupCodes`; treat them as credentials and
// keep them out of logs.
await client.auth.twoFactor.generateBackupCodes({
password: "current-password",
})
// The success response contains both `totpURI` and `backupCodes`.
await client.auth.twoFactor.enable({ password: "current-password" })
await client.auth.twoFactor.disable({ password: "current-password" })
OpenAPI Contract
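Authorization
bearerAuth: Bearer token authentication
In: header
Note: the generated curl samples in this contract section do not include the bearer token header, while the curl examples in the Examples section above do.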
Request Body
application/json
User password
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/get-totp-uri" \
  -H "Content-Type: application/json" \
  -d '{ "password": "string" }'
{
"totpURI": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
The OTP code to verify
If true, the device will be trusted for 30 days. The trust period is refreshed on every sign-in request made within this time.
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/verify-totp" \
  -H "Content-Type: application/json" \
  -d '{ "code": "string" }'
{
"status": true
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}
Authorization
bearerAuth Bearer token authentication
In: header
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/send-otp"
{
"status": true
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
The OTP code to verify
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/verify-otp" \
  -H "Content-Type: application/json" \
  -d '{ "code": "string" }'
{
"token": "string",
"user": {
"id": "string",
"email": "user@example.com",
"emailVerified": true,
"name": "string",
"image": "http://example.com",
"createdAt": "2019-08-24T14:15:22Z",
"updatedAt": "2019-08-24T14:15:22Z"
}
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
If true, the session cookie will not be set.
If true, the device will be trusted for 30 days. The trust period is refreshed on every sign-in request made within this time.
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/verify-backup-code" \
  -H "Content-Type: application/json" \
  -d '{ "code": "string" }'
{
"user": {
"id": "string",
"email": "user@example.com",
"emailVerified": true,
"name": "string",
"image": "http://example.com",
"twoFactorEnabled": true,
"createdAt": "2019-08-24T14:15:22Z",
"updatedAt": "2019-08-24T14:15:22Z"
},
"session": {
"token": "string",
"userId": "string",
"createdAt": "2019-08-24T14:15:22Z",
"expiresAt": "2019-08-24T14:15:22Z"
}
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/generate-backup-codes" \
  -H "Content-Type: application/json" \
  -d '{ "password": "string" }'
{
"status": true,
"backupCodes": [
"string"
]
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
User password
Custom issuer for the TOTP URI
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/enable" \
  -H "Content-Type: application/json" \
  -d '{ "password": "string" }'
{
"totpURI": "string",
"backupCodes": [
"string"
]
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
User password
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/disable" \
  -H "Content-Type: application/json" \
  -d '{ "password": "string" }'
{
"status": true
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}