Using PhenixID HTTP API for session verification (get userID and authentication method)
Overview
To use the API, one method is called. It will return:
- HTTP Status code 200 if session is still valid. Authentication method (auth_method) and user ID (userid) will be returned.
- HTTP Status code 403 if session is not valid.
Prerequisites
- PhenixID Authentication Services HTTP API configured
Verify session - data to be fetched before api call
The api client must fetch this value:
- access_token
How this parameter is fetched may differ depending on the use case:
- Query string parameter
- Cookie value
- Previous api method response value
Verify session - api call
Request
Method: HTTP PUT
Endpoint: /api/authentication/verifyUser
Headers:
Name | Value | Mandatory | Comment |
---|---|---|---|
Content-Type | application/json | Yes | |
tenant | t1 | Yes | Value must be given to you by PhenixID Signing Service admin; it might differ depending on the environment. |
Authorization | <basic_auth_value> | No | If applicable, username and password must be given to you by PhenixID Signing Service admin. |
Body:
The body must contain a JSON structure.
{
"access_token":".."
}
JSON structure properties:
Name | Value | Mandatory | Comment |
---|---|---|---|
access_token | <access_token> | Yes | Access token passed by PhenixID Authentication Services in previous flow (not described here) |
Example request (Please note that authorization data is not included in this example).
PUT /api/authentication/verifyUser HTTP/1.1
Host: demo.phenixid.net
Content-Type: application/json
tenant: t1
Cache-Control: no-cache
{ "access_token":"bcad1335-96b8-445b-826f-51a63622c741" }
Response
The HTTP Response status code may have one of these values:
1. 200. Session is valid. Body will contain user data.
2. 403. Session is not valid - user must re-authenticate.
The response body JSON structure properties:
Name | Possible values | Comment |
---|---|---|
auth_method | bankid, telia, freja, foreign_eid | The authentication method the user authenticated with. As of today, auth_method will contain either telia or bankid. |
userid | | The userid of the user. As of today this will contain the personal number of the user. |
Example response:
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 390010
{
"auth_method": "bankid",
"userid": "bclarke"
}
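An added example, not PhenixID's own code: a minimal Python client for the verifyUser call above that fails closed, so only a well-formed 200 response counts as a valid session. The function names, the HTTPS-only check and the timeout are assumptions made for this example.

```python
import base64
import json
import urllib.error
import urllib.request

# auth_method values listed in the response table above.
KNOWN_AUTH_METHODS = {"bankid", "telia", "freja", "foreign_eid"}


def build_verify_request(base_url, tenant, access_token, basic_auth=None):
    """Build the PUT request; basic_auth is an optional (username, password) pair."""
    if not base_url.startswith("https://"):  # assumption: never send the token in clear
        raise ValueError("access_token must only be sent over HTTPS")
    headers = {"Content-Type": "application/json", "tenant": tenant}
    if basic_auth:
        creds = base64.b64encode(":".join(basic_auth).encode()).decode()
        headers["Authorization"] = "Basic " + creds
    body = json.dumps({"access_token": access_token}).encode()
    return urllib.request.Request(
        base_url.rstrip("/") + "/api/authentication/verifyUser",
        data=body, headers=headers, method="PUT")


def interpret_response(status, body):
    """Return (userid, auth_method) for a valid session, None for 403.

    Any other status, a malformed body or an unknown auth_method raises,
    so the caller never treats an ambiguous answer as a session.
    """
    if status == 403:
        return None
    if status != 200:
        raise RuntimeError("unexpected status %d from verifyUser" % status)
    data = json.loads(body)
    userid, method = data.get("userid"), data.get("auth_method")
    if not isinstance(userid, str) or not userid:
        raise ValueError("200 response without a userid")
    if method not in KNOWN_AUTH_METHODS:
        raise ValueError("unexpected auth_method: %r" % (method,))
    return userid, method


def verify_session(base_url, tenant, access_token, basic_auth=None, timeout=5):
    """Call the API over the network; returns what interpret_response returns."""
    req = build_verify_request(base_url, tenant, access_token, basic_auth)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return interpret_response(resp.status, resp.read())
    except urllib.error.HTTPError as err:  # urllib raises on 4xx/5xx statuses
        return interpret_response(err.code, err.read())
```

Since userid currently carries the personal number, keep both it and the access_token out of application logs.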