URI's used by PhenixID apps

This document describes the URI's used by PhenixID apps.

Description

When publishing the different web applications in PhenixID Server, best practise is to only allow as little as possible regarding the service. So communication is only allowed to the very specific services needed for the specific configuration. This document will describe what needs to be allowed depending on service, web application and PhenixID app used. Example of the communication is available in the end of the document.

Example of complete communication

Pocket Pass enrollment:

/mfaadmin/otpadmin/api/?tokens/prepare/d67793ed1c4c1dddd7c61cc0982b6917

/mfaadmin/otpadmin/provision/otpauth/?5c73a048-f35a-4872-bc67-4bb28ba02fca

One Touch enrollment:

/mfaadmin/otpadmin/onetouch/enroll/status/5ee705a9-340b-408a-a97b-88fd56f83748

/mfaadmin/otpadmin/onetouch/enroll/start/JTdCJTIydXNlcm5hbWUlMjIlM0ElMjJkNjc3OTNlZDFjNGMxZGRkZDdjNjFjYzA5ODJiNjkxNyUyMiUyQyUyMmRpc3BsYXlfbmFtZSUyMiUzQSUyMm5yNCUyMiUyQyUyMnRpbWVzdGFtcCUyMiUzQSUyMjE1MTYxODg0OTM5OTglMjIlN0Q=

/mfaadmin/otpadmin/onetouch/enroll/status/42e1471b-62c4-4704-b801-dfa389e12734

/mfaadmin/otpadmin/onetouch/provision/start/42e1471b-62c4-4704-b801-dfa389e12734

/mfaadmin/otpadmin/onetouch/provision/chain/42e1471b-62c4-4704-b801-dfa389e12734

/mfaadmin/otpadmin/onetouch/enroll/status/42e1471b-62c4-4704-b801-dfa389e12734

/mfaadmin/otpadmin/api/?d67793ed1c4c1dddd7c61cc0982b6917

/pki/token/register/dd813370-87c3-479e-9ce4-da2a5e4f6fb3

/mfaadmin/otpadmin/onetouch/provision/chain/42e1471b-62c4-4704-b801-dfa389e12734

/pki/tokens/dd813370-87c3-479e-9ce4-da2a5e4f6fb3

/mfaadmin/otpadmin/api/?d67793ed1c4c1dddd7c61cc0982b6917

/pki/tokens/dd813370-87c3-479e-9ce4-da2a5e4f6fb3

 

/selfservice/selfservice/js/extensions/pki.js

/selfservice/selfservice/pki/enroll/start/JTdCJTIyZGlzcGxheV9uYW1lJTIyJTNBJTIycyUyMiUyQyUyMnRpbWVzdGFtcCUyMiUzQSUyMjE1MTYxODg3ODcxNjclMjIlN0Q=

/selfservice/selfservice/pki/enroll/status/

/selfservice/selfservice/pki/enroll/status/cacfa81f-5d84-428b-a767-8bc6275d88fc

/pki/token/start/12953c01-43e7-4b87-a039-95991ee2d945

/selfservice/selfservice/pki/enroll/status/aeccdc94-ff69-41ca-81e3-3e6f413b09c1

/selfservice/selfservice/api/entity

/pki/token/register/12953c01-43e7-4b87-a039-95991ee2d945

/pki/tokens/12953c01-43e7-4b87-a039-95991ee2d945

One Touch auth:

/pki/tokens/12953c01-43e7-4b87-a039-95991ee2d945

/pki/assignment/confirm/eb2dffbb-3960-43e0-a2a0-aebed7476156

/pki/tokens/12953c01-43e7-4b87-a039-95991ee2d945

One Touch revoke:

/pki/tokens/7b3b2dc3-2b4b-4753-a9ff-d470c71f9190