5.1. Authentication interfaces

There are different authentication controllers.

ValidateController

This controller is used to authenticate simple credentials of event or timebased tokens. I.e. the controller has functions like check, check_s, simplecheck... to basically take a username and password to authenticate this user.

The validate controller is also used for challenge response authentication. See Challenge Response for this behaviour.

OcraController

This controller is used for challenge response tokens following the OCRA standard. The controller also provides a function request to get the challenge but also a function check_t to validate the response to the challenge.

The methods are called as a HTTP GET request and the described parameters are added as HTTP parameters.

The response of the HTTP Request will usually be a JSON object.

Note

To every authentication controller you can add the parameter httperror followed by an HTTP error code. If LinOTP would return HTTP 200/OK with status: false in the JSON response indicating an internal error then LinOTP will instead return a e.g. HTTP 500 error code.

• 5.1.1. Validate Controller
  • 5.1.1.1. Authentication workflow
• 5.1.2. OCRA Controller
• 5.1.3. Example for authentication integration
  • 5.1.3.1. C integration
  • 5.1.3.2. PHP integration