Error in the first authentication factor

The authentication flow is initialized with a password/check that supplies username and an incorrect password.

HTTP Request - /public/authentication/password/check/

Example

POST https://iam-host.com/auth/rest/public/authentication/password/check
{
    "username": "john.doe@ergon.ch",
    "password": "incorrect_password"
}

The response is a HTTP 400 Bad Request with a code “USERNAME_PASSWORD_WRONG” to indicate the reason of the failure.

Since this call returned an error, a “temporaryLockExpiry” is returned as well.

HTTP Response - /public/authentication/password/check/

Example

400 Bad Request
{
    "meta": {
        "type": "jsonapi.metadata.document",
        "timestamp": "2018-12-04T09:48:25.112Z",
        "temporaryLockExpiry": "2018-12-04T09:48:28.104Z",
        "nextAuthStep": "PASSWORD_REQUIRED"
    },
    "errors": [
        {
            "id": "5112:9070",
            "status": 400,
            "code": "USERNAME_PASSWORD_WRONG"
        }
    ]
}