This REST API is used to authenticate the users. A user needs to authenticate when he wants to use the API for administrative tasks like enrolling a token.
This API must not be confused with the validate API, which is used to check, if a OTP value is valid. See Validate endpoints.
Authentication of users and admins is tested in tests/test_api_roles.py
You need to authenticate for all administrative tasks. If you are not authenticated, the API returns a 401 response.
To authenticate you need to send a POST request to /auth containing username and password.
14.1.1.1. Audit endpoint¶
- GET /audit/¶
return a paginated list of audit entries.
Params can be passed as key-value-pairs.
- Httpparam timelimit:
A timelimit, that limits the recent audit entries. This param gets overwritten by a policy auditlog_age. Can be 1d, 1m, 1h.
Example request:
GET /audit?realm=realm1 HTTP/1.1 Host: example.com Accept: application/json
Example response:
HTTP/1.1 200 OK Content-Type: application/json { "id": 1, "jsonrpc": "2.0", "result": { "status": true, "value": [ { "serial": "....", "missing_line": "..." } ] }, "version": "edumfa unknown" }
- GET /audit/(csvfile)¶
Download the audit entry as CSV file.
Params can be passed as key-value-pairs.
Example request:
GET /audit/audit.csv?realm=realm1 HTTP/1.1 Host: example.com Accept: text/csv
Example response:
HTTP/1.1 200 OK Content-Type: text/csv { "id": 1, "jsonrpc": "2.0", "result": { "status": true, "value": [ { "serial": "....", "missing_line": "..." } ] }, "version": "edumfa unknown" }