SCIM OTP devices Workflows examples

Workflow Examples

Workflow 1

1. Create Email OTP device

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/OtpDevice

JSON

{
    "type": "EMAIL",
    "user": "dilbert",
    "email": "dilbert@soffid.com"
}
Response 200 OK
{
    "created": "2022-03-09 13:39:52",
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5099461",
        "resourceType": "OtpDevice"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice"
    ],
    "name": "Email message to di*****@so****.co*",
    "id": 5099461,
    "type": "EMAIL",
    "user": "dilbert",
    "fails": 0,
    "email": "dilbert@soffid.com",
    "status": "C"
}

2. RequestChallenge to get the PIN code

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/OtpDevice/5099461/requestChallenge
Response 200 OK
{
    "cell": "PIN",
    "cardNumber": "Email message to di*****@so****.co*"
}

3. ResponseChallenge to validate the PIN code

Request
POST http://<your-domain>/soffid/webservice/scim2/v1/OtpDevice/5099461/responseChallenge

JSON

{
    "pin": "839231"
}
Response 200 OK
{
    "success": true,
    "locked": false
}

4. Enable OTP device

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/OtpDevice/5099461

JSON

{
    "Operations": 
    [
        {
            "op": "replace",
            "path": "status",
            "value": "V"
        }
    ]
}
Response
{
    "created": "2022-03-09 13:39:52",
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5099461",
        "links": {
            "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5099461/requestChallenge",
            "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5099461/responseChallenge"
        },
        "resourceType": "OtpDevice"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice"
    ],
    "name": "Email message to di*****@so****.co*",
    "id": 5099461,
    "type": "EMAIL",
    "user": "dilbert",
    "fails": 0,
    "email": "dilbert@soffid.com",
    "status": "V"
}

Workflow 2

1. Get TOTP devices

Obtain all unused OTP devices by 2022.

Request 
GET http://<your-domain>/soffid/webservice/scim2/v1/OtpDevice?filter=lastUsed le "2022-01-01"
Response 200 Ok
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 5,
    "startIndex": 1,
    "Resources": [
        {
            "lastUsed": "2021-10-14 06:57:00",
            "created": "2021-10-14 06:44:43",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880",
                "links": {
                    "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880/requestChallenge",
                    "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880/responseChallenge"
                },
                "resourceType": "OtpDevice"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice"
            ],
            "name": "TOTP00000001",
            "id": 4022880,
            "type": "TOTP",
            "user": "admin",
            "fails": 0,
            "status": "E"
        },
        {
            "lastUsed": "2021-10-14 06:59:33",
            "created": "2021-10-14 06:58:05",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022891",
                "links": {
                    "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022891/requestChallenge",
                    "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022891/responseChallenge"
                },
                "resourceType": "OtpDevice"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice"
            ],
            "name": "TOTP00000002",
            "id": 4022891,
            "type": "TOTP",
            "user": "ckelp",
            "fails": 0,
            "status": "C"
        },
        .....
    ]
}

2. Disable OTP device

Disble the OTP devices one by one

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/OtpDevice/4022880

JSON

{
    "Operations": 
    [
        {
            "op": "replace",
            "path": "status",
            "value": "D"
        }
    ]
}
Response 200 Ok
{
    "lastUsed": "2021-10-14 06:57:00",
    "created": "2021-10-14 06:44:43",
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880",
        "links": {
            "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880/requestChallenge",
            "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880/responseChallenge"
        },
        "resourceType": "OtpDevice"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice"
    ],
    "name": "TOTP00000001",
    "id": 4022880,
    "type": "TOTP",
    "user": "admin",
    "fails": 0,
    "status": "D"
}

 

 

 


Revision #4
Created 9 March 2022 13:47:04 by pgarcia@soffid.com
Updated 10 March 2022 09:23:20 by pgarcia@soffid.com