Airlock 2FA authentication in the Loginapp REST API

This chapter is about Airlock 2FA authentication in the Loginapp REST API. It adds information to the REST API documentation (Loginapp REST API Reference), provides example login flows and configuration hints.

Please also refer to the conceptual Airlock 2FA chapters referred to at the end of this text.

Airlock 2FA authentication flow steps

The following authentication flow steps are available:

Airlock 2FA Step for Authentication

Authentication step providing all REST APIs used for all Airlock 2FA authentication factors except for mobile-only authentication: One-Touch, Passcode, online and offline QR code (hardware tokens), device selection.

Airlock 2FA Mobile Only Authentication Step

Authentication step providing REST APIs for mobile-only (single device) authentication.

Airlock 2FA Activation Step

Step providing REST APIs for token activation during the login process: this is used during token self-migration from any other authentication token to Airlock 2FA.

Airlock 2FA Device Edit Step

This step provides REST APIs to change or set the device display name during token activation.

The rest of this chapter is organized along with example flows showing the usage and configuration of all the above REST APIs and steps.