The /authenticationCodes
endpoint provides operations to create, read, and delete an authentication code. The authentication code (which can be a QR code) enables users to sign on without any data entry, such as providing a username, password, or entering a one-time passcode. The user scans the code, and if successful, gains access to an application’s services.
Property | Type | Required? | Mutable? | Description |
---|---|---|---|---|
application.id |
String | Required | Mutable | The ID of a mobile application for which the code is valid; only the specified mobile application can scan the QR code. |
clientContext |
String | Optional | Mutable | An ObjectNode that provides relevant information to the mobile application that can be shown to application users. For example, Do you want to approve this transaction? . For more information, see Create Authentication Code. |
lifeTime.duration |
Integer | Optional | Mutable | The length of time for this authentication code to be valid. The minimum value is 10 seconds; the maximum value is 30 minutes; the default is 1 minute. If the lifeTime.duration property is set, a value for lifeTime.timeUnit is required. |
lifeTime.timeUnit |
String | Optional | Mutable | The time unit for the lifeTime.duration property. Options are SECONDS and MINUTES . If the lifeTime.timeUnit property is set, a value for lifeTime.duration is required. |
userApproval |
String | Optional | Mutable | Whether the mobile device must verify that the user approves the authentication with the scanned code. Options are REQUIRED and NOT_REQUIRED . |
Property | Type | Required? | Mutable? | Description |
---|---|---|---|---|
code |
String | N/A | Read-only | The authentication code. The code is eight characters in length, and it can include numbers and uppercase letters. |
createdAt |
Date | N/A | Read-only | When the resource was created. |
environment.id |
String | N/A | Read-only | The environment’s unique identifier. |
expiresAt |
Date | N/A | Read-only | The expiration time of authentication code. |
id |
String | N/A | Read-only | The resource’s unique identifier. |
status |
String | N/A | Read-only | The status of the authentication code. Options are UNCLAIMED , CLAIMED , EXPIRED , DENIED , and COMPLETED . The EXPIRED status is active for 5 minutes after the code is no longer valid. |
updatedAt |
Date | N/A | Read-only | When the resource was last updated. |
uri |
String | N/A | Read-only | A universal link (for example, https://www.example.com/pingonesdk?authentication_code={{generated token}} ). This property can also set a link to a schema application (for example, pingoneapp://pingonesdk?authentication_code={{generated token}} ). If a universal link or schema application link is not set, the response does not include the pingonesdk?authentication_code={{generated token}} portion of the URL. |
user.id |
UUID | N/A | Read-only | The unique identifier of the authenticated user. |
_embedded.device.otpStatus.status |
String | N/A | Read-only | Whether or not the device can be used currently for OTP-based authentication. Value returned is ENABLED or DISABLED. Relevant only for devices where type is MOBILE. |
_embedded.device.otpStatus.reason |
String | N/A | Read-only | If the status is DISABLED, contains the reason that the device cannot be used for OTP-based authentication, for example, that the application used a version of the MFA SDK that does not support OTP. Relevant only for devices where type is MOBILE. |
_embedded.device.pushStatus.status |
String | N/A | Read-only | Whether or not the device can be used currently for push-based authentication. Value returned is ENABLED or DISABLED. Relevant only for devices where type is MOBILE. |
_embedded.device.pushStatus.reason |
String | N/A | Read-only | If the status is DISABLED, contains the reason that the device cannot be used for push-based authentication, for example, that the push option was disabled for the application in the MFA policy. Relevant only for devices where type is MOBILE. |
_embedded.device.usableStatus.status |
String | N/A | Read-only | Whether or not the device can be used currently for authentication. Value returned is ENABLED or DISABLED. |
_embedded.device.usableStatus.reason |
String | N/A | Read-only | If the status is DISABLED, contains the reason that the device cannot be used for authentication, for example, that the defined daily notifications limit has already been reached. |
For descriptions of other fields under _embedded.device
, see MFA Devices.
For descriptions of fields under _embedded.user
, see Users data model.