The /authenticationCodes endpoint provides operations to create, read, and delete an authentication code. The authentication code (which can be a QR code) enables users to sign on without any data entry, such as providing a username, password, or entering a one-time passcode. The user scans the code, and if successful, gains access to an application’s services.

Device authentications request data model

Property Type? Required? Mutable? Description
application.id UUID Required Mutable A string that specifies the ID of a mobile application for which the code is valid; only the specified mobile application can scan the QR code.
clientContext ObjectNode Optional Mutable An ObjectNode that provides relevant information to the mobile application that can be shown to application users. For example, Do you want to approve this transaction?. For more information, see Create Authentication Code.
lifeTime.duration Integer Optional Mutable An integer that specifies the length of time for this authentication code to be valid. The minimum value is 10 seconds; the maximum value is 30 minutes; the default is 1 minute. If the lifeTime.duration property is set, a value for lifeTime.timeUnit is required.
lifeTime.timeUnit String Optional Mutable A string that specifies the time unit for the lifeTime.duration property. Options are SECONDS and MINUTES. If the lifeTime.timeUnit property is set, a value for lifeTime.duration is required.
userApproval Enum Optional Mutable An enumeration that specifies whether the mobile device must verify that the user approves the authentication with the scanned code. Options are REQUIRED and NOT_REQUIRED.

Device authentications response data model

Property Type? Required? Mutable? Description
code String Read-only A string that specifies the code. The code is eight characters in length, and it can include numbers and uppercase letters.
createdAt Date Read-only A date that specifies when the resource was created.
environment.id UUID Read-only A string that specifies the environment’s unique identifier.
expiresAt Date Read-only A date that specifies the expiration time of authentication code.
updatedAt Date Immutable A date that specifies when the resource was last updated.
_embedded.device.id UUID Read-only A string that specifies the device ID.
_embedded.device.os.type String Read-only A string that specifies the device’s operating system.
_embedded.device.os.version String Read-only A string that specifies the device operating system’s version.
_embedded.device.model.name String Read-only A string that specifies the device’s model name.
_embedded.device.model.marketingName String Read-only A string that specifies the device model’s marketing name.
_embedded.device.application.nativeName String Read-only A string that specifies the name of the application retrieved from the native application at runtime.
_embedded.device.application.version String Read-only A string that specifies the version of the application retrieved from the native application at runtime.
id UUID Read-only Immutable A string that specifies the resource’s unique identifier.
status String Read-only A string that specifies the status of the authentication code. Options are UNCLAIMED, CLAIMED, EXPIRED, DENIED, and COMPLETED. The EXPIRED status is active for 5 minutes after the code is no longer valid.
uri String Read-only A string that specifies a universal link (for example, https://www.example.com/pingonesdk?authentication_code={{generated token}}). This property can also set a link to a schema application (for example, pingoneapp://pingonesdk?authentication_code={{generated token}}). If a universal link or schema application link is not set, the response does not include the pingonesdk?authentication_code={{generated token}} portion of the URL.
updatedAt Date Read-only A date that specifies when the resource was last updated.
user.id UUID Read-only A string that specifies the unique identifier of the authenticated user.