Airlock 2FA authn. in Loginapp REST API
17.2.2.4. Airlock 2FA authentication in the Loginapp REST API

This chapter is about Airlock 2FA authentication in the Loginapp REST API. It adds information to the REST API documentation (Loginapp REST API Reference), provides example login flows and configuration hints.

Please also refer to the conceptual Airlock 2FA chapters referred to at the end of this text.

Airlock 2FA authentication flow steps

The following authentication flow steps are available:

Airlock 2FA Step for Authentication
Authentication step providing all REST APIs used for all Airlock 2FA authentication factors except for mobile-only authentication: One-Touch, Passcode, offline QR code (hardware tokens), device selection.
Airlock 2FA Mobile Only Authentication Step
Authentication step providing REST APIs for mobile-only (single device) authentication.
Airlock 2FA Activation Step
Step providing REST APIs for token activation during the login process: this is used during token self-migration from any other authentication token to Airlock 2FA.
Airlock 2FA Device Edit Step
This step provides REST APIs to change or set the device display name during token activation.

The rest of this chapter is organized along example flows showing the usage and configuration of all the above REST APIs and steps.

Zero-Touch factor no longer supported

Airlock IAM does no longer support Zero-Touch authentication because up-to-date smartphone operating systems restrictions prevent its usage.

The feature has been removed from the Airlock 2FA app but is still configurable in IAM version 7.5 and older.