1. Authentication interfaces¶
There are different authentication controllers.
This controller is used to authenticate simple credentials of event or time based tokens. I.e. the controller has functions like
simplecheck... to basically take a username and password to authenticate this user.
The validate controller is also used for challenge response authentication. See Challenge Response for this behaviour.
- This controller is used for challenge response tokens following the OCRA standard.
The controller also provides a function
requestto get the challenge but also a function
check_tto validate the response to the challenge.
The methods are called as a HTTP GET request and the described parameters are added as HTTP parameters.
The response of the HTTP Request will usually be a JSON object.
To every authentication controller you can add the parameter
httperror followed by an HTTP error code.
If LinOTP would return HTTP 200/OK with
status: false in the JSON response indicating an internal error
then LinOTP will instead return
a e.g. HTTP 500 error code.