.. _authentication_interfaces:

=========================
Authentication interfaces
=========================

There are different authentication controllers.

``ValidateController`` 
   This controller is used to authenticate simple credentials of event or time based tokens. I.e.
   the controller has functions like ``check``, ``check_s``, ``simplecheck``... to basically take a
   username and password to authenticate this user.

   The validate controller is also used for challenge response authentication.
   See :ref:`challenge_response` for this behaviour.

``OcraController``
   This controller is used for challenge response tokens following the OCRA standard.
   The controller also provides a function ``request`` to get the challenge but also a function
   ``check_t`` to validate the response to the challenge.

   
The methods are called as a HTTP GET/POST request and the described parameters are added as HTTP parameters.

The response of the HTTP Request will usually be a JSON object.

.. note:: To every authentication controller you can add the parameter ``httperror`` followed by an  HTTP error code. 
   If LinOTP would return HTTP 200/OK with ``status: false`` in the JSON response indicating an internal error
   then LinOTP will instead return
   a e.g. HTTP 500 error code.
   
   
.. toctree::
   :maxdepth: 2

   validate
   ocra
   example