ThumbSignIn developer documentation

ThumbSignIn provides a secure way of authentication for the third party applications using FIDO standards. An Application can get the benefits of ThumbSignIn services only when they adhere to FIDO standards.

Overview

This document provides steps to register and access third party applications with ThumbSignIn. The user registers device to ThumbSignIn service by selecting a local authentication mechanism. The ThumbSignIn protocol allows the service to select which mechanisms are presented to the user. After successful registration the user authenticates applications using the registered mechanisms. This ensures password less authentication from their devices. User has an ability to combine multiple authentication mechanisms such as fingerprint, QR code etc.

When a user performs a registration operation a new unique pair of key is created by their authenticator, and the public key is sent to the Relying Party. As part of this process, each key is associated with an AppID. The AppID is a URL carried as part of the protocol message sent by the server and indicates the target for this credential.

Self Hosting Services

FIDO as a SaaS

Technical Terms

Facet

A (application) facet is how an application is implemented on various platforms. For example, the application MyBank may have an Android app, an iOS app, and a Web app. These are all facets of the MyBank application.

Facet ID

A platform-specific identifier for an application facet.

  • For Web applications, the facet id is the RFC6454 origin R[ FC6454]
  • For Android applications, the facet id is the URI android:apk-keyhash: <hash-of-apk-signing-cert>
  • For iOS, the facet id is the URI ios:bundle-id: <ios-bundle-id-of-app>

App ID

The AppID is an identifier for a set of different Facets of a relying party's application. The AppID is a URL pointing to the TrustedFacets, i.e. list of FacetIDs related to this AppID.

Authenticators

Authenticators are different log in mechanisms provided by ThumbSignIn to the third party applications. For example, Fingerprint authentication and TOTP are few of many different types of authenticators available in ThumbSignIn which clients can choose while registering their application.

Policies

A Policy contains combination of different authenticator types. You can apply these policies to different applications as per your requirement.

Relying Party

An app/web site or any other entity that uses a FIDO protocol to directly authenticate users (i.e., performs peer-entity authentication).

Public / Private Key

A key used for FIDO Authenticator attestation.

Attestation

In the FIDO context, attestation is how Authenticators make claims to a Relying Party that the keys they generate, and/or certain measurements they report, originate from genuine devices with certified characteristics.

ASM (Authenticator Specific Module)

ASM refers to the software associated with a FIDO Authenticator that provides a uniform interface between the hardware and FIDO Client software.

Configuration Tool

What is configuration tool?

Configuration tool helps the Tenants to register their applications with ThumbSignIn. It acts as a repository which stores the details like list of Applications integrated with ThumbSignIn, types of Authenticators, Facets, and Policies.

Upon successful login, the Tenant should follow the steps mentioned below to add a new application into the Configuration Tool.

  1. Upon successful logging into the Configuration Tool, a new Tenant will land on the Home page of the Configuration App.
  2. Click CREATE to add the new application into Configuration tool. The Create Application page appears.
    1. Fill in the details as per the following:
    2. Application ID: Give a unique ID for the application you wish to add

      Name: Mention the name of the Application

      Description: Write a short description about the application you wish to add

      Note:

      • Click Clear Values to clear all the values which you have given for each parameter
      • Click Cancel to navigate back to the Home Page
  3. Click Submit, the Create Facet page appears.
  4. Select the required environment from Web, iOs, or Android and add the Facet for each selected environment as per the format mentioned
  5. Click Submit, the Create Policy page appears.
  6. Type a unique Policy ID, and Click Add Policy. Now you can select required Authenticators from the drop down.
  7. Click Submit, the Dashboard appears which will display the Applications added by the Tenant.
  8. Note: You can directly edit the required details of the applications from dashboard by clicking Edit button on the top right corner of the application widget.

  9. To add more Applications, click New FIDO App.

FIDO Registration

What is FIDO registration?

FIDO registration is a mandatory protocol for password less authentication using ThumbSignIn. ThumbSignIn allows the relying party to register from different FIDO Authenticators with the user's account at the relying party. The relying party specifies a policy for supporting various FIDO Authenticator types. A FIDO ThumbSignIn client can only register with existing authenticators in accordance with that policy. Follow the below procedure to register via FIDO to ThumbSignIn.

FIDO Registration Sequence Diagram

The following sequence diagram explains the FIDO registration operation:

  • Log in to Relying Party Application (RPApp) using legacy log in.
  • Upon successful log in, user initiates the FIDO registration request.
  • The FIDO server sends registration request along with authentication policy to FIDO client.
  • Upon user authentication, the user enrolls and generates a new public/private key pair unique for the local device and returns it to FIDO client.

    Note: The public and private keys are specific to RP WebApp.

  • Registration response, attestation and public key are sent to the FIDO server and are associated with the user’s account.
  • The FIDO server validates the response and attestation.
  • FIDO server will ensure to store the user’s public key and uses it in future for authentication process.

FIDO Registration Sequence Diagram for Token based Authentication Systems

The following sequence diagram explains the FIDO Registration for token based authentication systems operation:

  • Log in to Relying Party Application (RPApp) using legacy log in.
  • Upon successful log in, the Auth token will be used to retrieve the username from the RP App server to initiate FIDO registration request.
  • The username will be a part of registration request that will be sent from FIDO server to RP App via RP server. The request will be then communicated to the FIDO client SDK inside the RP App.
  • The username will be used in the FIDO registration process to generate the unique KeyID which will be further used across for further Communication such as Authentication, Transaction Confirmation, and Deregistration.
  • If there is any API like authenticating a transaction, the initial request can be made using the existing mechanism based on auth token before requesting the user to authenticate the transaction.
  • Upon user authentication, the user enrolls and generates a new public/private key pair unique for the local device and returns it to FIDO client.

    Note: The public and private keys are specific to RP WebApp.

  • Registration response, attestation and public key are sent to the FIDO server and are associated with the user’s account.
  • The FIDO server validates the response and attestation.
  • FIDO server will ensure to store the user’s public key and uses it in future for authentication process.

Authentication

What is Authentication?

ThumbSignIn allows the relying party to prompt the end user to authenticate using a previously registered FIDO Authenticator. This authentication can be invoked any time, at the relying party's discretion.

Authentication Sequence Diagram

The following sequence diagram explains the authentication operation:

  • Log in to Relying Party Application (RPApp) using legacy log in.
  • Upon successful log in, user initiates the FIDO authentication request.
  • The FIDO server sends authentication request along with authentication policy to FIDO client.
  • Upon user authentication, the authenticator verifies user and unlocks the private key and returns it to FIDO client.

    Note: The private key is specific to the user and RP WebApp.

  • Authentication response that is signed by user’s private key are sent to the FIDO server.
  • The FIDO server validates the response by using the user’s public key.
  • Once validated the user will be directed to the application.

Transaction Confirmation

What is Transaction Confirmation?

ThumbSignIn offers support for prompting the user to confirm a specific transaction. In addition to general authentication prompt, ThumbSignIn also validates transactions of its users. This operation enables relying party to ensure that the user is confirming a specified set of the transaction details in place of authenticating a session to the user agent.

Transaction Confirmation Sequence Diagram

The following sequence diagram explains the transaction confirmation operation:

  • Log in to Relying Party Application (RPApp) using legacy log in.
  • Upon successful log in, user initiates the transaction confirmation request.
  • The FIDO server sends authentication request along with transaction content to FIDO client.
  • Upon user authentication, the the authenticator verifies user as well as the display content and unlocks the private key and returns it to FIDO client.

    Note: The private key is specific to the user and RP WebApp.

  • Authentication response and text hash signed by the user’s private key are sent to the FIDO server.
  • The FIDO server validates the response and text hash by using the user’s public key.
  • Once validated the user will be able to make transaction as requested.

De-Registration

What is FIDO de-registration?

Deregistration is necessary for any fraudulent or unnecessary registrations. The relying party can trigger the deletion of the account-related authentication key material.

FIDO De-registration Sequence Diagram

The following sequence diagram explains the de-registration operation:

  • Log in to Relying Party Application (RPApp) using legacy log in.
  • Upon successful log in, user initiates the FIDO de-registration request.
  • The FIDO server sends de-registration request to FIDO client.
  • Upon user authentication, the user delete the saved local RP key material and returns it to FIDO client.
  • The user conveys de-rigistration status to RP app.

API

Applications API

API/applications - GET
DescriptionReturns applications from the system
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://www.mydomain.com/mytenant/rest/v1/applications?page=1&limit=2",
		"previous": "https://www.mydomain.com/mytenant/rest/v1/applications?page=3&limit=2",
		"next": "https://www.mydomain.com/mytenant/rest/v1/applications?page=5&limit=2",
		"last": "https://www.mydomain.com/mytenant/rest/v1/applications?page=6&limit=2"
	},
	"href": "https://www.mydomain.com/mytenant/rest/v1/applications?page=4&limit=2",
	"items": [
		{
		"id": "QTAzMBco9x2KfONxfIY2YslnQg",
		"applicationId": "myApplication",
		"name": "My Application",
		"certificateCreated": false,
		"city": "Dublin",
		"updated": "2016-06-23T10:22:22.236+0000",
		"created": "2016-06-23T10:22:22.236+0000",
		"status": "ACTIVE",
		},
		{
		"id": "QTAz_pHQ33tu9fzpjPe2xF7waQ",
		"applicationId": "fidoApplication",
		"name": "FIDO application",
		"certificateCreated": false,
		"updated": "2016-03-16T15:05:53.539+0000",
		"created": "2016-03-16T15:05:53.539+0000",
		"fidoApplicationId": "https://fido.daon.com/fido",
		"status": "ACTIVE",
		"fidoFacets": {
			"trustedFacets": [
			{
				"version": {
				"major": 1,
				"minor": 0
				},
				"ids": [
				"https://fido.daon.com/fido",
				"https://www.daon_test_rp.com",
				"android:apk-key-hash:ppDMsrr6owRtb5lz0oK/vrofr6E"
				]
			}]
		}
	}]
}
Parameters
API/applications - POST
DescriptionCreates a new application in the system.
Response
{
	"id": "QTAzMBco9x2KfONxfIY2YslnQg",
	"applicationId": "myApplication",
	"name": "My Application",
	"certificateCreated": false,
	"city": "Dublin",
	"updated": "2016-06-23T10:22:22.236+0000",
	"created": "2016-06-23T10:22:22.236+0000",
	"status": "ACTIVE",
}
Parameters
API/applications
DescriptionReturns applications from the system.
Response
{
	"id": "QTAzMBco9x2KfONxfIY2YslnQg",
	"applicationId": "myApplication",
	"name": "My Application",
	"certificateCreated": false,
	"city": "Dublin",
	"updated": "2016-06-23T10:22:22.236+0000",
	"created": "2016-06-23T10:22:22.236+0000",
	"status": "ACTIVE",
}
Parameters
API/applications/{id} - POST
DescriptionUpdates the application with the specified Id and returns the updated application.
Response
{
	"id": "QTAzMBco9x2KfONxfIY2YslnQg",
	"applicationId": "myApplication",
	"name": "My Application",
	"certificateCreated": false,
	"city": "Dublin",
	"updated": "2016-06-23T10:22:22.236+0000",
	"created": "2016-06-23T10:22:22.236+0000",
	"status": "ACTIVE",
}
Parameters
API/applications/{id}/archived - POST
DescriptionArchives the application with the specified id.
Response
{
	"id": "QTAzMBco9x2KfONxfIY2YslnQg",
	"applicationId": "myApplication",
	"name": "My Application",
	"certificateCreated": false,
	"city": "Dublin",
	"archived": "2016-06-25T11:13:53.577+0000",
	"updated": "2016-06-23T10:22:22.236+0000",
	"created": "2016-06-23T10:22:22.236+0000",
	"status": "ACTIVE",
}
Parameters
API/applications/{id}/blocked - POST
DescriptionBlocks the application with the specified id.
Response
{
	"id": "QTAzMBco9x2KfONxfIY2YslnQg",
	"applicationId": "myApplication",
	"name": "My Application",
	"certificateCreated": false,
	"city": "Dublin",
	"updated": "2016-06-23T10:22:22.236+0000",
	"created": "2016-06-23T10:22:22.236+0000",
	"status": "BLOCKED",
}
Parameters
API/applications/{id}/blocked - DELETE
DescriptionUnblocks the application with the specified id.
Response
{
	"id": "QTAzMBco9x2KfONxfIY2YslnQg",
	"applicationId": "myApplication",
	"name": "My Application",
	"certificateCreated": false,
	"city": "Dublin",
	"updated": "2016-06-23T10:22:22.236+0000",
	"created": "2016-06-23T10:22:22.236+0000",
	"status": "ACTIVE",
}
Parameters
API/applications/{id}/policies - GET
DescriptionList policies associated with app.
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"last": "https://www.mydomain.com/mytenant/IdentityXServices/rest/v1/applications/QTAzlNAJgAhKjhTimHHva9QUJA/policies?page=6&limit=2"
	},
	"href": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
	"items": []
}
Parameters
API/applications/{id}/registrations -> GET
DescriptionList registrations associated with app.
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"previous": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"next": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"last": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2"
	},
	"items": [
		{
		"id": "QTAzSZrwvDz428csGy3rvpElBw",
		"registrationId": "myRegistration",
		"created": "2016-04-08T10:03:04.301+0000",
		"status": "ACTIVE",
		},
	
	{
		"id": "QTAzFgCXYFlc_hRWvgpoi9bB8g",
		"registrationId": "000298d4-e8e9-4a1a-9184-c44c6d577e10",
		"archived": "2016-04-08T15:07:24.696+0000",
		"created": "2016-04-08T15:07:24.603+0000",
		"status": "ARCHIVED",
		}
	]
}
Parameters
API/applications/{id}/authenticationRequests - GET
DescriptionList authenticationRequests associated with app.
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"previous": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"next": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"last": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2"
	},
	"items": [
		{
		"id": "QTAzF3q5-ZGSYoSRXeJtfdAyoQ",
		"authenticationRequestId": "bCKnedNgTT746dW-5NQ-AA",
		"description": "Test auth req",
		"verificationResult": "Y",
		"expiration": "2016-06-22T12:32:06.024+0000",
		"availableRetries": 2,
		"totalRetriesAllowed": 3,
		"processed": "2016-06-22T12:17:49.954+0000",
		"oneTimePasswordEnabled": true,
		"created": "2016-06-22T12:17:15.951+0000",
		"recurring": false,
		"otpTotalRetriesAllowed": 3,
		"otpAvailableRetries": 3,
		"addAuthenticator": false,
		"type": "IX",
		"status": "COMPLETED_SUCCESSFUL",
		},
		{
		"id": "QTAzpQUcLcdiu8Nz0yjcs_dhVQ",
		"authenticationRequestId": "eea67973-1163-4a8c-bc0a-74d1fd65d62d1",
		"description": "D_eea67973-1163-4a8c-bc0a-74d1fd65d62d1",
		"verificationResult": "Y",
		"processed": "2016-06-22T11:39:35.306+0000",
		"created": "2016-06-22T11:38:52.003+0000",
		"type": "FI",
		"fidoChallenge": "cA9tRoPDdfUPwUtsQ1sgOg",
		"serverData": "02aa1dcd-231e-40b6-8db7-9c934b1dd868",
		"fidoResponseCode": 1200,
		"fidoResponseMsg": "Successfully Validated Authentication",
		"status": "COMPLETED_SUCCESSFUL",
	}
	]
}
Parameters

Authenticator API’s

API/authenticators - GET
DescriptionReturns authenticators from the system
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"previous": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"next": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"last": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2"
	},
	"items": [
		{
		"id": "QTAzmmKE7aAge9R57sTTw2WCOQ",
		"authenticatorId": "d33fe7dafa50cfcb33b7e2a5e6f3f443654722cd8ef885358b4c4ae69b4ad007",
		"created": "2016-06-03T10:49:26.183+0000",
		"enrollmentLatitude": "53.349283",
		"enrollmentLongitude": "-6.251405",
		"make": "Apple",
		"model": "iPhone 6",
		"osVersion": "iPhone OS 9.3.2",
		"frameworkVersion": "3.2.10.334/3.2.1.1",
		"status": "ACTIVE",
		"type": "IX",
		"pushNotificationToken": "29122c2671d0d1c411679666632b6ef6a073e312a4ae69f1b68e625d69599cc0",
		},
		{
		"id": "QTAzui454MpiPZ9cpOrURtgLIQ",
		"authenticatorId": "-Ax_DLZCRqedy_e0yvw02w6Ral3RjyRv-2GnlAqfxqY",
		"created": "2016-04-08T15:01:40.020+0000",
		"make": "b70ff2b3-fae0-4118-8f68-b5c36d339eea",
		"model": "b70ff2b3-fae0-4118-8f68-b5c36d339eea",
		"authenticatorCounter": 0,
		"publicKeyId": "-Ax_DLZCRqedy_e0yvw02w6Ral3RjyRv-2GnlAqfxqY",
		"status": "ACTIVE",
		"type": "FI",
	}
	]
}
Parameters
API/authenticators/{id} - GET
DescriptionReturns the authenticator with the specified id
Response
{
	"id": "QTAzmmKE7aAge9R57sTTw2WCOQ",
	"authenticatorId": "d33fe7dafa50cfcb33b7e2a5e6f3f443654722cd8ef885358b4c4ae69b4ad007",
	"created": "2016-06-03T10:49:26.183+0000",
	"enrollmentLatitude": "53.349283",
	"enrollmentLongitude": "-6.251405",
	"make": "Apple",
	"model": "iPhone 6",
	"osVersion": "iPhone OS 9.3.2",
	"frameworkVersion": "3.2.10.334/3.2.1.1",
	"status": "ACTIVE",
	"type": "IX",
	"pushNotificationToken": "29122c2671d0d1c411679666632b6ef6a073e312a4ae69f1b68e625d69599cc0"
}
Parameters
API/authenticators/{id} - POST
DescriptionUpdates the authenticator with the specified Id and returns the updated authenticator
Response
{
	"id": "QTAzmmKE7aAge9R57sTTw2WCOQ",
	"authenticatorId": "d33fe7dafa50cfcb33b7e2a5e6f3f443654722cd8ef885358b4c4ae69b4ad007",
	"updated": "2016-06-20T11:44:40.785+0000",
	"created": "2016-06-03T10:49:26.183+0000",
	"enrollmentLatitude": "53.349283",
	"enrollmentLongitude": "-6.251405",
	"make": "Apple",
	"model": "iPhone 6",
	"osVersion": "iPhone OS 9.3.2",
	"frameworkVersion": "3.2.10.334/3.2.1.1",
	"status": "ACTIVE",
	"type": "IX",
	"pushNotificationToken": "29122c2671d0d1c411679666632b6ef6a073e312a4ae69f1b68e625d69599cc0"
}
Parameters
API/authenticators/{id}/archived - POST
DescriptionArchives the authenticator with the specified id
Response
{
	"id": "QTAzmmKE7aAge9R57sTTw2WCOQ",
	"authenticatorId": "d33fe7dafa50cfcb33b7e2a5e6f3f443654722cd8ef885358b4c4ae69b4ad007",
	"updated": "2016-06-20T11:44:40.785+0000",
	"archived": "2016-06-20T11:44:40.785+0000",
	"created": "2016-06-03T10:49:26.183+0000",
	"enrollmentLatitude": "53.349283",
	"enrollmentLongitude": "-6.251405",
	"make": "Apple",
	"model": "iPhone 6",
	"osVersion": "iPhone OS 9.3.2",
	"frameworkVersion": "3.2.10.334/3.2.1.1",
	"status": "ARCHIVED",
	"type": "IX",
	"pushNotificationToken": "29122c2671d0d1c411679666632b6ef6a073e312a4ae69f1b68e625d69599cc0",
}
Parameters
API/authenticators/{id}/blocked - DELETE
DescriptionUnblocks the authenticator with the specified id
Response
{
	"id": "QTAzmmKE7aAge9R57sTTw2WCOQ",
	"authenticatorId": "d33fe7dafa50cfcb33b7e2a5e6f3f443654722cd8ef885358b4c4ae69b4ad007",
	"updated": "2016-06-20T11:44:40.785+0000",
	"created": "2016-06-03T10:49:26.183+0000",
	"enrollmentLatitude": "53.349283",
	"enrollmentLongitude": "-6.251405",
	"make": "Apple",
	"model": "iPhone 6",
	"osVersion": "iPhone OS 9.3.2",
	"frameworkVersion": "3.2.10.334/3.2.1.1",
	"status": "ACTIVE",
	"type": "IX",
	"pushNotificationToken": "29122c2671d0d1c411679666632b6ef6a073e312a4ae69f1b68e625d69599cc0",
}
Parameters
API/authenticators/{id}/blocked - POST
DescriptionBlocks the authenticator with the specified id
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"previous": "https://www.mydomain.com/mytenant/rest/v1/authenticatorTypes?page=3&limit=2",
		"next": "https://www.mydomain.com/mytenant/rest/v1/authenticatorTypes?page=5&limit=2",
		"last": "https://www.mydomain.com/mytenant/rest/v1/authenticatorTypes?page=6&limit=2"
	},
	"items": [
		{
		"id": "ufr8SnO9rbe06IaTIVIbuw",
		"status": "ACTIVE",
		"created": "2016-03-10T17:30:40.770+0000",
		"updated": "2016-03-10T17:30:40.770+0000",
		"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
		"description": "My authenticator type",
		"vendorName": "A vendor",
		"publicKeyAlgAndEncoding": 259,
		"aaid": "db53#8740",
		"authenticatorVersion": 1,
		"assertionScheme": "UAFV1TLV",
		"authenticationAlgorithm": 4,
		"attestationTypes": [
			15879
		],
		"keyProtection": 1,
		"matcherProtection": 1,
		"attachmentHint": 1,
		"isSecondFactorOnly": false,
		"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
		"tcDisplay": 1,
		"tcDisplayContentType": "image/png",
		"userVerificationDetails": [
			[
			{
				"userVerification": 1
			}
			]
		],
		"attestationRootCertificates": [
			"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
		],
		"tcDisplayPNGCharacteristics": [
			{
			"width": 100,
			"height": 200,
			"bitDepth": 0,
			"colorType": 0,
			"compression": 0,
			"filter": 0,
			"interlace": 0
			}
		],
		"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
		"upv": [
			{
			"major": 1,
			"minor": 0
			}
		],
		},
		{
		"id": "4pmPB7E87tbcJyrFXYid7g",
		"status": "ACTIVE",
		"created": "2016-03-110T17:30:40.770+0000",
		"updated": "2016-03-11T17:30:40.770+0000",
		"name": "020d93dd-bfff-4bc2-b92a-6bb34600fb1f",
		"description": "Another authenticator type",
		"vendorName": "Another vendor",
		"publicKeyAlgAndEncoding": 259,
		"aaid": "db53#8840",
		"authenticatorVersion": 1,
		"assertionScheme": "UAFV1TLV",
		"authenticationAlgorithm": 4,
		"attestationTypes": [
			15879
		],
		"keyProtection": 1,
		"matcherProtection": 1,
		"attachmentHint": 1,
		"isSecondFactorOnly": false,
		"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
		"tcDisplay": 1,
		"tcDisplayContentType": "image/png",
		"userVerificationDetails": [
			[
			{
				"userVerification": 1
			}
			]
		],
		"attestationRootCertificates": [
			"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
		],
		"tcDisplayPNGCharacteristics": [
			{
			"width": 100,
			"height": 200,
			"bitDepth": 0,
			"colorType": 0,
			"compression": 0,
			"filter": 0,
			"interlace": 0
			}
		],
		"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
		"upv": [
			{
			"major": 1,
			"minor": 0
			}
		],
		}
	]
}
Parameters
API/authenticatorTypes - POST
DescriptionCreates a new authenticator type in the system
Response
{
	"id": "ufr8SnO9rbe06IaTIVIbuw",
	"status": "ACTIVE",
	"created": "2016-03-10T17:30:40.770+0000",
	"updated": "2016-03-10T17:30:40.770+0000",
	"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
	"description": "My authenticator type",
	"vendorName": "A vendor",
	"publicKeyAlgAndEncoding": 259,
	"aaid": "db53#8740",
	"authenticatorVersion": 1,
	"assertionScheme": "UAFV1TLV",
	"authenticationAlgorithm": 4,
	"attestationTypes": [
		15879
	],
	"keyProtection": 1,
	"matcherProtection": 1,
	"attachmentHint": 1,
	"isSecondFactorOnly": false,
	"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
	"tcDisplay": 1,
	"tcDisplayContentType": "image/png",
	"userVerificationDetails": [
		[
		{
			"userVerification": 1
		}
		]
	],
	"attestationRootCertificates": [
		"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
	],
	"tcDisplayPNGCharacteristics": [
		{
		"width": 100,
		"height": 200,
		"bitDepth": 0,
		"colorType": 0,
		"compression": 0,
		"filter": 0,
		"interlace": 0
		}
	],
	"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
	"upv": [
		{
		"major": 1,
		"minor": 0
		}
	],
}
Parameters
API/authenticatorTypes/ - GET
DescriptionReturns authenticator types from the system
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"previous": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"next": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"last": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2"
	},
	"items": [
		{
		"id": "ufr8SnO9rbe06IaTIVIbuw",
		"status": "ACTIVE",
		"created": "2016-03-10T17:30:40.770+0000",
		"updated": "2016-03-10T17:30:40.770+0000",
		"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
		"description": "My authenticator type",
		"vendorName": "A vendor",
		"publicKeyAlgAndEncoding": 259,
		"aaid": "db53#8740",
		"authenticatorVersion": 1,
		"assertionScheme": "UAFV1TLV",
		"authenticationAlgorithm": 4,
		"attestationTypes": [
			15879
		],
		"keyProtection": 1,
		"matcherProtection": 1,
		"attachmentHint": 1,
		"isSecondFactorOnly": false,
		"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
		"tcDisplay": 1,
		"tcDisplayContentType": "image/png",
		"userVerificationDetails": [
			[
			{
				"userVerification": 1
			}
			]
		],
		"attestationRootCertificates": [
			"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
		],
		"tcDisplayPNGCharacteristics": [
			{
			"width": 100,
			"height": 200,
			"bitDepth": 0,
			"colorType": 0,
			"compression": 0,
			"filter": 0,
			"interlace": 0
			}
		],
		"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
		"upv": [
			{
			"major": 1,
			"minor": 0
			}
		],
		},
		{
		"id": "4pmPB7E87tbcJyrFXYid7g",
		"status": "ACTIVE",
		"created": "2016-03-110T17:30:40.770+0000",
		"updated": "2016-03-11T17:30:40.770+0000",
		"name": "020d93dd-bfff-4bc2-b92a-6bb34600fb1f",
		"description": "Another authenticator type",
		"vendorName": "Another vendor",
		"publicKeyAlgAndEncoding": 259,
		"aaid": "db53#8840",
		"authenticatorVersion": 1,
		"assertionScheme": "UAFV1TLV",
		"authenticationAlgorithm": 4,
		"attestationTypes": [
			15879
		],
		"keyProtection": 1,
		"matcherProtection": 1,
		"attachmentHint": 1,
		"isSecondFactorOnly": false,
		"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
		"tcDisplay": 1,
		"tcDisplayContentType": "image/png",
		"userVerificationDetails": [
			[
			{
				"userVerification": 1
			}
			]
		],
		"attestationRootCertificates": [
			"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
		],
		"tcDisplayPNGCharacteristics": [
			{
			"width": 100,
			"height": 200,
			"bitDepth": 0,
			"colorType": 0,
			"compression": 0,
			"filter": 0,
			"interlace": 0
			}
		],
		"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
		"upv": [
			{
			"major": 1,
			"minor": 0
			}
		],
		}
	]
}
Parameters
API/authenticatorTypes/{id} - POST
DescriptionUpdates the authenticator type with the specified Id and returns the updated authenticator type
Response
{
	"id": "ufr8SnO9rbe06IaTIVIbuw",
	"status": "ACTIVE",
	"created": "2016-03-10T17:30:40.770+0000",
	"updated": "2016-03-21T18:25:33.650+0000",
	"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
	"description": "My authenticator type",
	"vendorName": "A vendor",
	"publicKeyAlgAndEncoding": 259,
	"aaid": "db53#8740",
	"authenticatorVersion": 1,
	"assertionScheme": "UAFV1TLV",
	"authenticationAlgorithm": 4,
	"attestationTypes": [
		15879
	],
	"keyProtection": 1,
	"matcherProtection": 1,
	"attachmentHint": 1,
	"isSecondFactorOnly": false,
	"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
	"tcDisplay": 1,
	"tcDisplayContentType": "image/png",
	"userVerificationDetails": [
		[
		{
			"userVerification": 1
		}
		]
	],
	"attestationRootCertificates": [
		"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
	],
	"tcDisplayPNGCharacteristics": [
		{
		"width": 100,
		"height": 200,
		"bitDepth": 0,
		"colorType": 0,
		"compression": 0,
		"filter": 0,
		"interlace": 0
		}
	],
	"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
	"upv": [
		{
		"major": 1,
		"minor": 0
		}
	],
}
Parameters
API/authenticatorTypes/{id} - GET
DescriptionReturns the authenticator type with the specified Id
Response
{
	"id": "ufr8SnO9rbe06IaTIVIbuw",
	"status": "ACTIVE",
	"created": "2016-03-10T17:30:40.770+0000",
	"updated": "2016-03-10T17:30:40.770+0000",
	"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
	"description": "My authenticator type",
	"vendorName": "A vendor",
	"publicKeyAlgAndEncoding": 259,
	"aaid": "db53#8740",
	"authenticatorVersion": 1,
	"assertionScheme": "UAFV1TLV",
	"authenticationAlgorithm": 4,
	"attestationTypes": [
		15879
	],
	"keyProtection": 1,
	"matcherProtection": 1,
	"attachmentHint": 1,
	"isSecondFactorOnly": false,
	"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
	"tcDisplay": 1,
	"tcDisplayContentType": "image/png",
	"userVerificationDetails": [
		[
		{
			"userVerification": 1
		}
		]
	],
	"attestationRootCertificates": [
		"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
	],
	"tcDisplayPNGCharacteristics": [
		{
		"width": 100,
		"height": 200,
		"bitDepth": 0,
		"colorType": 0,
		"compression": 0,
		"filter": 0,
		"interlace": 0
		}
	],
	"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
	"upv": [
		{
		"major": 1,
		"minor": 0
		}
	],
}
Parameters
API/authenticatorTypes/{id}/archived
DescriptionArchives the authenticator type with the specified id
Response
{
	"id": "ufr8SnO9rbe06IaTIVIbuw",
	"status": "ARCHIVED",
	"archived": "2016-06-15T16:23:09.290+0000",
	"created": "2016-03-10T17:30:40.770+0000",
	"updated": "2016-06-15T16:23:09.290+0000",
	"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
	"description": "My authenticator type",
	"vendorName": "A vendor",
	"publicKeyAlgAndEncoding": 259,
	"aaid": "db53#8740",
	"authenticatorVersion": 1,
	"assertionScheme": "UAFV1TLV",
	"authenticationAlgorithm": 4,
	"attestationTypes": [
		15879
	],
	"keyProtection": 1,
	"matcherProtection": 1,
	"attachmentHint": 1,
	"isSecondFactorOnly": false,
	"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
	"tcDisplay": 1,
	"tcDisplayContentType": "image/png",
	"userVerificationDetails": [
		[
		{
			"userVerification": 1
		}
		]
	],
	"attestationRootCertificates": [
		"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
	],
	"tcDisplayPNGCharacteristics": [
		{
		"width": 100,
		"height": 200,
		"bitDepth": 0,
		"colorType": 0,
		"compression": 0,
		"filter": 0,
		"interlace": 0
		}
	],
	"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
	"upv": [
		{
		"major": 1,
		"minor": 0
		}
	],
}
Parameters
API/authenticatorTypes/{id}/blocked - DELETE
DescriptionUnblocks the authenticator type with the specified id
Response
{
	"id": "ufr8SnO9rbe06IaTIVIbuw",
	"status": "ACTIVE",
	"created": "2016-03-10T17:30:40.770+0000",
	"updated": "2016-03-21T18:25:33.650+0000",
	"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
	"description": "My authenticator type",
	"vendorName": "A vendor",
	"publicKeyAlgAndEncoding": 259,
	"aaid": "db53#8740",
	"authenticatorVersion": 1,
	"assertionScheme": "UAFV1TLV",
	"authenticationAlgorithm": 4,
	"attestationTypes": [
		15879
	],
	"keyProtection": 1,
	"matcherProtection": 1,
	"attachmentHint": 1,
	"isSecondFactorOnly": false,
	"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
	"tcDisplay": 1,
	"tcDisplayContentType": "image/png",
	"userVerificationDetails": [
		[
		{
			"userVerification": 1
		}
		]
	],
	"attestationRootCertificates": [
		"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
	],
	"tcDisplayPNGCharacteristics": [
		{
		"width": 100,
		"height": 200,
		"bitDepth": 0,
		"colorType": 0,
		"compression": 0,
		"filter": 0,
		"interlace": 0
		}
	],
	"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
	"upv": [
		{
		"major": 1,
		"minor": 0
		}
	],
}
Parameters
API/authenticatorTypes/{id}/blocked - POST
DescriptionBlocks the authenticator type with the specified id
Response
{
	"id": "ufr8SnO9rbe06IaTIVIbuw",
	"status": "BLOCKED",
	"created": "2016-03-10T17:30:40.770+0000",
	"updated": "2016-03-21T18:25:33.650+0000",
	"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
	"description": "My authenticator type",
	"vendorName": "A vendor",
	"publicKeyAlgAndEncoding": 259,
	"aaid": "db53#8740",
	"authenticatorVersion": 1,
	"assertionScheme": "UAFV1TLV",
	"authenticationAlgorithm": 4,
	"attestationTypes": [
		15879
	],
	"keyProtection": 1,
	"matcherProtection": 1,
	"attachmentHint": 1,
	"isSecondFactorOnly": false,
	"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
	"tcDisplay": 1,
	"tcDisplayContentType": "image/png",
	"userVerificationDetails": [
		[
		{
			"userVerification": 1
		}
		]
	],
	"attestationRootCertificates": [
		"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
	],
	"tcDisplayPNGCharacteristics": [
		{
		"width": 100,
		"height": 200,
		"bitDepth": 0,
		"colorType": 0,
		"compression": 0,
		"filter": 0,
		"interlace": 0
		}
	],
	"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
	"upv": [
		{
		"major": 1,
		"minor": 0
		}
	],
}

Policies API's

API/policies - GET
DescriptionReturns policies from the system
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"previous": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"next": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"last": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2"
	},
	"items": [
		{
		"id": "QTAz2WCPK79z1nOe1NsBC4IxQQ",
		"policyId": "FaceOnly",
		"description": "face only",
		"otpRetryAttempts": 3,
		"retryAttempts": 3,
		"updated": "2016-03-10T15:53:12.466+0000",
		"created": "2016-03-10T15:53:12.466+0000",
		"type": "IE",
		"status": "ACTIVE",
		"legacyAuthenticationPolicy": {
			"voiceEnabled": false,
			"voiceLivenessEnabled": false,
			"faceEnabled": false,
			"gpsEnabled": false,
			"pinEnabled": false,
			"smsVerificationEnabled": false
		},
		},
		{
		"id": "QTAzfRXB5pVNvuB-i7p9_QjD9Q",
		"policyId": "faceOrFingerprint",
		"description": "faceOrFingerprint",
		"otpRetryAttempts": 3,
		"retryAttempts": 3,
		"updated": "2016-03-21T15:59:31.508+0000",
		"created": "2016-03-21T15:59:31.508+0000",
		"type": "IA",
		"status": "ACTIVE",
		"legacyAuthenticationPolicy": {
			"voiceEnabled": false,
			"voiceLivenessEnabled": false,
			"faceEnabled": false,
			"gpsEnabled": false,
			"pinEnabled": false,
			"smsVerificationEnabled": false
		},
		}
	]
}
Parameters
API/policies/ - POST
DescriptionCreates a new policy in the system.
Response
{
	"id": "QTAzfRXB5pVNvuB-i7p9_QjD9Q",
	"policyId": "faceOrFingerprint",
	"description": "faceOrFingerprint",
	"otpRetryAttempts": 3,
	"retryAttempts": 3,
	"updated": "2016-03-21T15:59:31.508+0000",
	"created": "2016-03-21T15:59:31.508+0000",
	"type": "IA",
	"status": "ACTIVE",
	"legacyAuthenticationPolicy": {
		"voiceEnabled": false,
		"voiceLivenessEnabled": false,
		"faceEnabled": false,
		"gpsEnabled": false,
		"pinEnabled": false,
		"smsVerificationEnabled": false
	},
	"activityDefinition": {
		"verificationOptions": [
		{
			"face": {
			"face": {
				"liveness": {
				"algorithm": "1",
				"method": "BLINK",
				"threshold": "0.400"
				}
			}
			},
			"description": "Face",
			"_id": "b56cfe29-26c6-40b1-8b11-649e46851587"
		},
		{
			"fingerprint": {},
			"description": "Fingerprint",
			"_id": "49af3986-3183-4b0a-9f80-b7bab96be5f0"
		}
		],
		"enrollmentOptions": []
	},
}
Parameters
API/policies - GET
DescriptionReturns policies from the system
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"previous": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"next": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"last": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2"
	},
	"items": [
		{
		"id": "QTAz2WCPK79z1nOe1NsBC4IxQQ",
		"policyId": "FaceOnly",
		"description": "face only",
		"otpRetryAttempts": 3,
		"retryAttempts": 3,
		"updated": "2016-03-10T15:53:12.466+0000",
		"created": "2016-03-10T15:53:12.466+0000",
		"type": "IE",
		"status": "ACTIVE",
		"legacyAuthenticationPolicy": {
			"voiceEnabled": false,
			"voiceLivenessEnabled": false,
			"faceEnabled": false,
			"gpsEnabled": false,
			"pinEnabled": false,
			"smsVerificationEnabled": false
		},
		},
		{
		"id": "QTAzfRXB5pVNvuB-i7p9_QjD9Q",
		"policyId": "faceOrFingerprint",
		"description": "faceOrFingerprint",
		"otpRetryAttempts": 3,
		"retryAttempts": 3,
		"updated": "2016-03-21T15:59:31.508+0000",
		"created": "2016-03-21T15:59:31.508+0000",
		"type": "IA",
		"status": "ACTIVE",
		"legacyAuthenticationPolicy": {
			"voiceEnabled": false,
			"voiceLivenessEnabled": false,
			"faceEnabled": false,
			"gpsEnabled": false,
			"pinEnabled": false,
			"smsVerificationEnabled": false
		},
		}
	]
}
Parameters
API/policies/{id} - GET
DescriptionReturns the policy with the specified Id
Response
{
	"id": "QTAzfRXB5pVNvuB-i7p9_QjD9Q",
	"policyId": "faceOrFingerprint",
	"description": "faceOrFingerprint",
	"otpRetryAttempts": 3,
	"retryAttempts": 3,
	"updated": "2016-03-21T15:59:31.508+0000",
	"created": "2016-03-21T15:59:31.508+0000",
	"type": "IA",
	"status": "ACTIVE",
	"legacyAuthenticationPolicy": {
		"voiceEnabled": false,
		"voiceLivenessEnabled": false,
		"faceEnabled": false,
		"gpsEnabled": false,
		"pinEnabled": false,
		"smsVerificationEnabled": false
	},
	"activityDefinition": {
		"verificationOptions": [
		{
			"face": {
			"face": {
				"liveness": {
				"algorithm": "1",
				"method": "BLINK",
				"threshold": "0.400"
				}
			}
			},
			"description": "Face",
			"_id": "b56cfe29-26c6-40b1-8b11-649e46851587"
		},
		{
			"fingerprint": {},
			"description": "Fingerprint",
			"_id": "49af3986-3183-4b0a-9f80-b7bab96be5f0"
		}
		],
		"enrollmentOptions": []
	},
}
Parameters
API/policies/{id} - POST
DescriptionUpdates the policy with the specified Id and returns the updated policy
Response
{
	"id": "QTAzfRXB5pVNvuB-i7p9_QjD9Q",
	"policyId": "faceOrFingerprint",
	"description": "faceOrFingerprint",
	"otpRetryAttempts": 3,
	"retryAttempts": 3,
	"updated": "2016-05-14T12:33:27.773+0000",
	"created": "2016-03-21T15:59:31.508+0000",
	"type": "IA",
	"status": "ACTIVE",
	"legacyAuthenticationPolicy": {
		"voiceEnabled": false,
		"voiceLivenessEnabled": false,
		"faceEnabled": false,
		"gpsEnabled": false,
		"pinEnabled": false,
		"smsVerificationEnabled": false
	},
	"activityDefinition": {
		"verificationOptions": [
		{
			"face": {
			"face": {
				"liveness": {
				"algorithm": "1",
				"method": "BLINK",
				"threshold": "0.400"
				}
			}
			},
			"description": "Face",
			"_id": "b56cfe29-26c6-40b1-8b11-649e46851587"
		},
		{
			"fingerprint": {},
			"description": "Fingerprint",
			"_id": "49af3986-3183-4b0a-9f80-b7bab96be5f0"
		}
		],
		"enrollmentOptions": []
	},
}
Parameters
API/policies/{id}/archived - POST
DescriptionArchives the policy with the specified id
Response
{
	"id": "QTAzfRXB5pVNvuB-i7p9_QjD9Q",
	"policyId": "faceOrFingerprint",
	"description": "faceOrFingerprint",
	"otpRetryAttempts": 3,
	"retryAttempts": 3,
	"archived": "2016-05-14T12:33:27.773+0000",
	"updated": "2016-05-14T12:33:27.773+0000",
	"created": "2016-03-21T15:59:31.508+0000",
	"type": "IA",
	"status": "ARCHIVED",
	"legacyAuthenticationPolicy": {
		"voiceEnabled": false,
		"voiceLivenessEnabled": false,
		"faceEnabled": false,
		"gpsEnabled": false,
		"pinEnabled": false,
		"smsVerificationEnabled": false
	},
	"activityDefinition": {
		"verificationOptions": [
		{
			"face": {
			"face": {
				"liveness": {
				"algorithm": "1",
				"method": "BLINK",
				"threshold": "0.400"
				}
			}
			},
			"description": "Face",
			"_id": "b56cfe29-26c6-40b1-8b11-649e46851587"
		},
		{
			"fingerprint": {},
			"description": "Fingerprint",
			"_id": "49af3986-3183-4b0a-9f80-b7bab96be5f0"
		}
		],
		"enrollmentOptions": []
	},
}
Parameters
API/policies/{id}/blocked - DELETE
DescriptionUnblocks the policy with the specified id
Response
{
	"id": "QTAzfRXB5pVNvuB-i7p9_QjD9Q",
	"policyId": "faceOrFingerprint",
	"description": "faceOrFingerprint",
	"otpRetryAttempts": 3,
	"retryAttempts": 3,
	"updated": "2016-05-14T12:33:27.773+0000",
	"created": "2016-03-21T15:59:31.508+0000",
	"type": "IA",
	"status": "ACTIVE",
	"legacyAuthenticationPolicy": {
		"voiceEnabled": false,
		"voiceLivenessEnabled": false,
		"faceEnabled": false,
		"gpsEnabled": false,
		"pinEnabled": false,
		"smsVerificationEnabled": false
	},
	"activityDefinition": {
		"verificationOptions": [
		{
			"face": {
			"face": {
				"liveness": {
				"algorithm": "1",
				"method": "BLINK",
				"threshold": "0.400"
				}
			}
			},
			"description": "Face",
			"_id": "b56cfe29-26c6-40b1-8b11-649e46851587"
		},
		{
			"fingerprint": {},
			"description": "Fingerprint",
			"_id": "49af3986-3183-4b0a-9f80-b7bab96be5f0"
		}
		],
		"enrollmentOptions": []
	},
}
Parameters
API/policies/{id}/blocked - POST
DescriptionBlocks the policy with the specified id
Response
{
	"id": "QTAzfRXB5pVNvuB-i7p9_QjD9Q",
	"policyId": "faceOrFingerprint",
	"description": "faceOrFingerprint",
	"otpRetryAttempts": 3,
	"retryAttempts": 3,
	"updated": "2016-05-14T12:33:27.773+0000",
	"created": "2016-03-21T15:59:31.508+0000",
	"type": "IA",
	"status": "BLOCKED",
	"legacyAuthenticationPolicy": {
		"voiceEnabled": false,
		"voiceLivenessEnabled": false,
		"faceEnabled": false,
		"gpsEnabled": false,
		"pinEnabled": false,
		"smsVerificationEnabled": false
	},
	"activityDefinition": {
		"verificationOptions": [
		{
			"face": {
			"face": {
				"liveness": {
				"algorithm": "1",
				"method": "BLINK",
				"threshold": "0.400"
				}
			}
			},
			"description": "Face",
			"_id": "b56cfe29-26c6-40b1-8b11-649e46851587"
		},
		{
			"fingerprint": {},
			"description": "Fingerprint",
			"_id": "49af3986-3183-4b0a-9f80-b7bab96be5f0"
		}
		],
		"enrollmentOptions": []
	},
}
Parameters
API/policies/{id}/authenticationRequests - GET
DescriptionReturns a page of authentication requests for the policy with the specified Id
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": null,
		"previous": null,
		"next": null,
		"last": null
	},
	"items": [
		{
		"id": "QTAzF3q5-ZGSYoSRXeJtfdAyoQ",
		"authenticationRequestId": "bCKnedNgTT746dW-5NQ-AA",
		"description": "Test auth req",
		"verificationResult": "Y",
		"expiration": "2016-06-22T12:32:06.024+0000",
		"availableRetries": 2,
		"totalRetriesAllowed": 3,
		"processed": "2016-06-22T12:17:49.954+0000",
		"oneTimePasswordEnabled": true,
		"created": "2016-06-22T12:17:15.951+0000",
		"recurring": false,
		"otpTotalRetriesAllowed": 3,
		"otpAvailableRetries": 3,
		"addAuthenticator": false,
		"type": "IX",
		"status": "COMPLETED_SUCCESSFUL",
	},
		{
		"id": "QTAzpQUcLcdiu8Nz0yjcs_dhVQ",
		"authenticationRequestId": "eea67973-1163-4a8c-bc0a-74d1fd65d62d1",
		"description": "D_eea67973-1163-4a8c-bc0a-74d1fd65d62d1",
		"verificationResult": "Y",
		"processed": "2016-06-22T11:39:35.306+0000",
		"created": "2016-06-22T11:38:52.003+0000",
		"type": "FI",
		"fidoChallenge": "cA9tRoPDdfUPwUtsQ1sgOg",
		"serverData": "02aa1dcd-231e-40b6-8db7-9c934b1dd868",
		"fidoResponseCode": 1200,
		"fidoResponseMsg": "Successfully Validated Authentication",
		"status": "COMPLETED_SUCCESSFUL",
		}
	]
}
Parameters
API/registrations - GET
DescriptionReturns registrations from the system
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"previous": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"next": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"last": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2"
	},
	"items": [
		{
		"id": "QTAzSZrwvDz428csGy3rvpElBw",
		"registrationId": "myRegistration",
		"created": "2016-04-08T10:03:04.301+0000",
		"status": "ACTIVE",
		},
		{
		"id": "QTAzFgCXYFlc_hRWvgpoi9bB8g",
		"registrationId": "000298d4-e8e9-4a1a-9184-c44c6d577e10",
		"archived": "2016-04-08T15:07:24.696+0000",
		"created": "2016-04-08T15:07:24.603+0000",
		"status": "ARCHIVED",
		}
	]
}
Parameters
API/registrations/ - POST
DescriptionCreates a new registration in the system
Response
{
	"id": "QTAzSZrwvDz428csGy3rvpElBw",
	"registrationId": "myRegistration",
	"created": "2016-04-08T10:03:04.301+0000",
	"status": "ACTIVE",
}
Parameters
API/registrations/{id} - POST
DescriptionArchives the registration with the specified id
Response
{
	"id": "QTAzSZrwvDz428csGy3rvpElBw",
	"registrationId": "myRegistration",
	"archived": "2016-04-17T11:01:27.799+0000",
	"created": "2016-04-08T10:03:04.301+0000",
	"status": "ARCHIVED",
}
Parameters
API/registrations/{id}/archived - POST
DescriptionArchives the registration challenge with the specified id
Response
{
	"id": "xjGka-STf72GvQh48VOHng",
	"challenge": "OVQkpE_gTksaGChA7chHjA",
	"fidoRegistrationRequest": "[{\"header\":{\"upv\":{\"major\":1,\"minor\":0},\"op\":\"Reg\",\"appID\":\"https://fido.daon.com/fido\",\"serverData\":\"063de11c-153c-4cbe-ac74-fbe282feffac\"},\"challenge\":\"OVQkpE_gTksaGChA7chHjA\",\"username\":\"e6d3c1fd-fb95-41f6-90e6-33cb147bdeed\",\"policy\":{\"accepted\":[[{\"aaid\":[\"1d77#2146\"]}]]}}]",
	"status": "ARCHIVED",
	"serverData": "063de11c-153c-4cbe-ac74-fbe282feffac",
	"created": "2016-06-23T15:00:18.448+0000",
	"updated": "2016-06-24T17:23:16.866+0000",
}
Parameters
API/registrations/{id}/blocked - DELETE
DescriptionUnblocks the registration with the specified id
Response
{
	"id": "QTAzSZrwvDz428csGy3rvpElBw",
	"registrationId": "myRegistration",
	"created": "2016-04-08T10:03:04.301+0000",
	"status": "ACTIVE",
}
Parameters
API/registrations/{id}/blocked - POST
DescriptionBlocks the registration with the specified id
Response
{
	"id": "QTAzSZrwvDz428csGy3rvpElBw",
	"registrationId": "myRegistration",
	"created": "2016-04-08T10:03:04.301+0000",
	"status": "BLOCKED",
}
Parameters
API/systemAuthenticatorTypes - GET
DescriptionReturns system authenticator types from the system
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://saas.thumbsignin.com/rest/v1/registrations?page=1&limit=2",
		"previous": "https://www.mydomain.com/rest/v1/systemAuthenticatorTypes?page=3&limit=2",
		"next": "https://www.mydomain.com/rest/v1/systemAuthenticatorTypes?page=5&limit=2",
		"last": "https://www.mydomain.com/rest/v1/systemAuthenticatorTypes?page=6&limit=2"
	},
	"items": [
		{
		"id": "ufr8SnO9rbe06IaTIVIbuw",
		"status": "ACTIVE",
		"created": "2016-03-10T17:30:40.770+0000",
		"updated": "2016-03-10T17:30:40.770+0000",
		"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
		"description": "My authenticator type",
		"vendorName": "A vendor",
		"publicKeyAlgAndEncoding": 259,
		"aaid": "db53#8740",
		"authenticatorVersion": 1,
		"assertionScheme": "UAFV1TLV",
		"authenticationAlgorithm": 4,
		"attestationTypes": [
			15879
		],
		"keyProtection": 1,
		"matcherProtection": 1,
		"attachmentHint": 1,
		"isSecondFactorOnly": false,
		"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
		"tcDisplay": 1,
		"tcDisplayContentType": "image/png",
		"userVerificationDetails": [
			[
			{
				"userVerification": 1
			}
			]
		],
		"attestationRootCertificates": [
			"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
		],
		"tcDisplayPNGCharacteristics": [
			{
			"width": 100,
			"height": 200,
			"bitDepth": 0,
			"colorType": 0,
			"compression": 0,
			"filter": 0,
			"interlace": 0
			}
		],
		"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
		"upv": [
			{
			"major": 1,
			"minor": 0
			}
		],
		},
		{
		"id": "4pmPB7E87tbcJyrFXYid7g",
		"status": "ACTIVE",
		"created": "2016-03-110T17:30:40.770+0000",
		"updated": "2016-03-11T17:30:40.770+0000",
		"name": "020d93dd-bfff-4bc2-b92a-6bb34600fb1f",
		"description": "Another authenticator type",
		"vendorName": "Another vendor",
		"publicKeyAlgAndEncoding": 259,
		"aaid": "db53#8840",
		"authenticatorVersion": 1,
		"assertionScheme": "UAFV1TLV",
		"authenticationAlgorithm": 4,
		"attestationTypes": [
			15879
		],
		"keyProtection": 1,
		"matcherProtection": 1,
		"attachmentHint": 1,
		"isSecondFactorOnly": false,
		"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
		"tcDisplay": 1,
		"tcDisplayContentType": "image/png",
		"userVerificationDetails": [
			[
			{
				"userVerification": 1
			}
			]
		],
		"attestationRootCertificates": [
			"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
		],
		"tcDisplayPNGCharacteristics": [
			{
			"width": 100,
			"height": 200,
			"bitDepth": 0,
			"colorType": 0,
			"compression": 0,
			"filter": 0,
			"interlace": 0
			}
		],
		"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
		"upv": [
			{
			"major": 1,
			"minor": 0
			}
		],
		}
	]
}
Parameters
API/systemAuthenticatorTypes/ - POST
DescriptionCreates a new system authenticator type in the system
Response
{
	"id": "ufr8SnO9rbe06IaTIVIbuw",
	"status": "ACTIVE",
	"created": "2016-03-10T17:30:40.770+0000",
	"updated": "2016-03-10T17:30:40.770+0000",
	"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
	"description": "My authenticator type",
	"vendorName": "A vendor",
	"publicKeyAlgAndEncoding": 259,
	"aaid": "db53#8740",
	"authenticatorVersion": 1,
	"assertionScheme": "UAFV1TLV",
	"authenticationAlgorithm": 4,
	"attestationTypes": [
		15879
	],
	"keyProtection": 1,
	"matcherProtection": 1,
	"attachmentHint": 1,
	"isSecondFactorOnly": false,
	"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
	"tcDisplay": 1,
	"tcDisplayContentType": "image/png",
	"userVerificationDetails": [
		[
		{
			"userVerification": 1
		}
		]
	],
	"attestationRootCertificates": [
		"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
	],
	"tcDisplayPNGCharacteristics": [
		{
		"width": 100,
		"height": 200,
		"bitDepth": 0,
		"colorType": 0,
		"compression": 0,
		"filter": 0,
		"interlace": 0
		}
	],
	"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
	"upv": [
		{
		"major": 1,
		"minor": 0
		}
	],
}
Parameters
API/systemAuthenticatorTypes/{id} - GET
DescriptionReturns the system authenticator type with the specified Id
Response
{
	"id": "ufr8SnO9rbe06IaTIVIbuw",
	"status": "ACTIVE",
	"created": "2016-03-10T17:30:40.770+0000",
	"updated": "2016-03-10T17:30:40.770+0000",
	"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
	"description": "My authenticator type",
	"vendorName": "A vendor",
	"publicKeyAlgAndEncoding": 259,
	"aaid": "db53#8740",
	"authenticatorVersion": 1,
	"assertionScheme": "UAFV1TLV",
	"authenticationAlgorithm": 4,
	"attestationTypes": [
		15879
	],
	"keyProtection": 1,
	"matcherProtection": 1,
	"attachmentHint": 1,
	"isSecondFactorOnly": false,
	"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
	"tcDisplay": 1,
	"tcDisplayContentType": "image/png",
	"userVerificationDetails": [
		[
		{
			"userVerification": 1
		}
		]
	],
	"attestationRootCertificates": [
		"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
	],
	"tcDisplayPNGCharacteristics": [
		{
		"width": 100,
		"height": 200,
		"bitDepth": 0,
		"colorType": 0,
		"compression": 0,
		"filter": 0,
		"interlace": 0
		}
	],
	"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
	"upv": [
		{
		"major": 1,
		"minor": 0
		}
	],
}
Parameters
API/systemAuthenticatorTypes/{id} - POST
DescriptionUpdates the system authenticator type with the specified Id and returns the updated system authenticator type
Response
{
	"id": "ufr8SnO9rbe06IaTIVIbuw",
	"status": "ACTIVE",
	"created": "2016-03-10T17:30:40.770+0000",
	"updated": "2016-03-21T18:25:33.650+0000",
	"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
	"description": "My authenticator type",
	"vendorName": "A vendor",
	"publicKeyAlgAndEncoding": 259,
	"aaid": "db53#8740",
	"authenticatorVersion": 1,
	"assertionScheme": "UAFV1TLV",
	"authenticationAlgorithm": 4,
	"attestationTypes": [
		15879
	],
	"keyProtection": 1,
	"matcherProtection": 1,
	"attachmentHint": 1,
	"isSecondFactorOnly": false,
	"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
	"tcDisplay": 1,
	"tcDisplayContentType": "image/png",
	"userVerificationDetails": [
		[
		{
			"userVerification": 1
		}
		]
	],
	"attestationRootCertificates": [
		"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
	],
	"tcDisplayPNGCharacteristics": [
		{
		"width": 100,
		"height": 200,
		"bitDepth": 0,
		"colorType": 0,
		"compression": 0,
		"filter": 0,
		"interlace": 0
		}
	],
	"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
	"upv": [
		{
		"major": 1,
		"minor": 0
		}
	],
}
Parameters
API/systemAuthenticatorTypes/{id}/archived - POST
DescriptionArchives the system authenticator type with the specified id
Response
{
	"id": "ufr8SnO9rbe06IaTIVIbuw",
	"status": "ARCHIVED",
	"archived": "2016-03-21T18:25:33.650+0000",
	"created": "2016-03-10T17:30:40.770+0000",
	"updated": "2016-03-21T18:25:33.650+0000",
	"name": "00ef68d4-24c5-42d2-aa97-090a3d1f244d",
	"description": "My authenticator type",
	"vendorName": "A vendor",
	"publicKeyAlgAndEncoding": 259,
	"aaid": "db53#8740",
	"authenticatorVersion": 1,
	"assertionScheme": "UAFV1TLV",
	"authenticationAlgorithm": 4,
	"attestationTypes": [
		15879
	],
	"keyProtection": 1,
	"matcherProtection": 1,
	"attachmentHint": 1,
	"isSecondFactorOnly": false,
	"supportedExtensionIds": "Ext 124, Ext 3356 ,Ext 555",
	"tcDisplay": 1,
	"tcDisplayContentType": "image/png",
	"userVerificationDetails": [
		[
		{
			"userVerification": 1
		}
		]
	],
	"attestationRootCertificates": [
		"MIIDiTCCAnGgAwIBAgIJALnc8noKOFnLMA0GCSqPUaLrlNZF.........N/4C8LAK/DIIdtC5uryn19WN4/wdlKTfIBs"
	],
	"tcDisplayPNGCharacteristics": [
		{
		"width": 100,
		"height": 200,
		"bitDepth": 0,
		"colorType": 0,
		"compression": 0,
		"filter": 0,
		"interlace": 0
		}
	],
	"icon": "iVBORw0KGgoAAAANSUhEUgAA........AQAAAAEAAgICAgICAgICAgICAgIA==",
	"upv": [
		{
		"major": 1,
		"minor": 0
		}
	],
}
Parameters

Tenant API’s

API/tenants - GET
DescriptionReturns tenants from the system
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://www.mydomain.com/rest/v1/tenants?page=1&limit=2",
		"previous": "https://www.mydomain.com/rest/v1/tenants?page=3&limit=2",
		"next": "https://www.mydomain.com/rest/v1/tenants?page=5&limit=2",
		"last": "https://www.mydomain.com/rest/v1/tenants?page=6&limit=2"
	},
	"items": [
		{
		"id": "r3aBzbrhNVVIZ2zpPfZVVg",
		"name": "My Tenant",
		"status": "ACTIVE",
		"domainId": "mytenant",
		"created": "2016-06-17T16:16:37.722+0000",
		"updated": "2016-06-17T16:16:37.722+0000",
		"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
		},
		{
		"id": "dP3iKzy9B4ihAyoI_mS6Jg",
		"name": "Another Tenant",
		"status": "ARCHIVED",
		"domainId": "anothertenant",
		"created": "2016-03-07T12:47:35.610+0000",
		"updated": "2016-04-19T09:50:47.368+0000",
		"archived": "2016-04-19T09:50:47.368+0000",
		"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
		}
	]
}
Parameters
API/tenants/ - POST
DescriptionCreates a new tenant in the system
Response
{
	"id": "r3aBzbrhNVVIZ2zpPfZVVg",
	"name": "My Tenant",
	"status": "ACTIVE",
	"domainId": "mytenant",
	"created": "2016-06-17T16:16:37.722+0000",
	"updated": "2016-06-17T16:16:37.722+0000",
	"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
}
Parameters
API/tenants/ - GET
DescriptionReturns the tenant with the specified Id
Response
{
	"id": "r3aBzbrhNVVIZ2zpPfZVVg",
	"name": "My Tenant",
	"status": "ACTIVE",
	"domainId": "mytenant",
	"created": "2016-06-17T16:16:37.722+0000",
	"updated": "2016-06-17T16:16:37.722+0000",
	"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
}
Parameters
API/tenants/{id} - POST
DescriptionUpdates the tenant with the specified Id and returns the updated tenant
Response
{
	"id": "r3aBzbrhNVVIZ2zpPfZVVg",
	"name": "My Tenant",
	"status": "ACTIVE",
	"domainId": "mytenant",
	"created": "2016-06-17T16:16:37.722+0000",
	"updated": "2016-06-25T17:09:22.655+0000",
	"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
}
Parameters
API/tenants/{id} -GET
DescriptionReturns the tenant with the specified Id
Response
{
	"id": "r3aBzbrhNVVIZ2zpPfZVVg",
	"name": "My Tenant",
	"status": "ACTIVE",
	"domainId": "mytenant",
	"created": "2016-06-17T16:16:37.722+0000",
	"updated": "2016-06-17T16:16:37.722+0000",
	"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
}
Parameters
API/tenants/{id}/archived - POST
DescriptionArchives the tenant with the specified id
Response
{
	"id": "dP3iKzy9B4ihAyoI_mS6Jg",
	"name": "Another Tenant",
	"status": "ARCHIVED",
	"domainId": "anothertenant",
	"created": "2016-03-07T12:47:35.610+0000",
	"updated": "2016-04-19T09:50:47.368+0000",
	"archived": "2016-04-19T09:50:47.368+0000",
	"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
}
Parameters
API/tenants/{id}/blocked - DELETE
DescriptionUnblocks the tenant with the specified id
Response
{
	"id": "r3aBzbrhNVVIZ2zpPfZVVg",
	"name": "My Tenant",
	"status": "ACTIVE",
	"domainId": "mytenant",
	"created": "2016-06-17T16:16:37.722+0000",
	"updated": "2016-06-19T09:50:47.368+0000",
	"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
}
Parameters
API/tenants/{id}/blocked - POST
DescriptionBlocks the tenant with the specified id
Response
{
	"id": "r3aBzbrhNVVIZ2zpPfZVVg",
	"name": "My Tenant",
	"status": "BLOCKED",
	"domainId": "mytenant",
	"created": "2016-06-17T16:16:37.722+0000",
	"updated": "2016-06-19T09:50:47.368+0000",
	"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
}
Parameters
API/tokens - GET
DescriptionReturns tokens from the system
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://www.mydomain.com/mytenant/rest/v1/tokens?page=1&limit=2",
		"previous": "https://www.mydomain.com/mytenant/rest/v1/tokens?page=3&limit=2",
		"next": "https://www.mydomain.com/mytenant/rest/v1/tokens?page=5&limit=2",
		"last": "https://www.mydomain.com/mytenant/rest/v1/tokens?page=6&limit=2"
	},
	"items": [
		{
		"id": "ncSbdn91BEHx6GHNWHt_iQ",
		"sharedKeyId": "ncSbdn91BEHx6GHNWHt_iQ",
		"created": "2016-06-15T10:43:42.462+0000",
		"expiration": "2017-02-08T11:58:00.000+0000",
		"tenant": {
			"id": "MyTenant",
			"name": "My Tenant",
			"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
		},
		"status": "ACTIVE",
		"type": "PERMANENT",
		"subjectId": "ddfgdfg",
		"permissions": [
			{
			"entity": "*",
			"operation": "*",
			"permissionSelector": {
				"selectorType": "WITHIN",            
			}
			}
		]
		},
		{
		"id": "Jv2JGlGkwPKhHyaiR539UQ",
		"sharedKeyId": "Jv2JGlGkwPKhHyaiR539UQ",
		"created": "2016-06-23T08:58:30.232+0000",
		"expiration": "2016-06-23T09:14:54.743+0000",
		"tenant": {
			"id": "MyTenant",
			"name": "My Tenant",
			"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
		},
		"status": "ARCHIVED",
		"cookie": "aZ_KdNRqHohtIo-tyJg",
		"type": "SESSION",
		"subjectId": "uid=haIdx,ou=People,dc=idx,dc=com",
		"permissions": [
			{
			"entity": "*",
			"operation": "*",
			"permissionSelector": {
				"selectorType": "WITHIN",
			}
			}
		]
		}
	]
}
Parameters
API/tokens/ - POST
DescriptionCreates a new token in the system
Response
{
	"id": "ncSbdn91BEHx6GHNWHt_iQ",
	"sharedKeyId": "ncSbdn91BEHx6GHNWHt_iQ",
	"created": "2016-06-15T10:43:42.462+0000",
	"expiration": "2017-02-08T11:58:00.000+0000",
	"tenant": {
		"id": "MyTenant",
		"name": "My Tenant",
		"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
	},
	"status": "ACTIVE",
	"type": "PERMANENT",
	"subjectId": "ddfgdfg",
	"permissions": [
		{
		"entity": "*",
		"operation": "*",
		"permissionSelector": {
			"selectorType": "WITHIN",
		}
		}
	]
}
Parameters
API/tokens/{id} - GET
DescriptionReturns the token with the specified Id
Response
		
{
	"id": "ncSbdn91BEHx6GHNWHt_iQ",
	"sharedKeyId": "ncSbdn91BEHx6GHNWHt_iQ",
	"created": "2016-06-15T10:43:42.462+0000",
	"expiration": "2017-02-08T11:58:00.000+0000",
	"tenant": {
		"id": "MyTenant",
		"name": "My Tenant",
		"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
	},
	"status": "ACTIVE",
	"type": "PERMANENT",
	"subjectId": "ddfgdfg",
	"permissions": [
		{
		"entity": "*",
		"operation": "*",
		"permissionSelector": {
			"selectorType": "WITHIN",
			"resource": {
			}
		}
		}
	]
}
Parameters
API/tokens/{id}/archived - POST
DescriptionArchives the token with the specified id
Response
{
	"id": "Jv2JGlGkwPKhHyaiR539UQ",
	"sharedKeyId": "Jv2JGlGkwPKhHyaiR539UQ",
	"created": "2016-06-23T08:58:30.232+0000",
	"expiration": "2016-06-23T09:14:54.743+0000",
	"tenant": {
		"id": "MyTenant",
		"name": "My Tenant",
		"authenticationModalities": "FIDO;PIN;FINGERPRINT;DEVICE;FACE;VOICE;VOICE_LIVENESS"
	},
	"status": "ARCHIVED",
	"cookie": "aZ_KdNRqHohtIo-tyJg",
	"type": "SESSION",
	"subjectId": "uid=haIdx,ou=People,dc=idx,dc=com",
	"permissions": [
		{
		"entity": "*",
		"operation": "*",
		"permissionSelector": {
			"selectorType": "WITHIN",
		}
		}
	]
}
Parameters

User API’s

API/users - GET
DescriptionReturns users from the system
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://www.mydomain.com/mytenant/rest/v1/users?userId=J*&page=1&limit=2",
		"previous": "https://www.mydomain.com/mytenant/rest/v1/users?userId=J*&page=3&limit=2",
		"next": "https://www.mydomain.com/mytenant/rest/v1/users?userId=J*&page=5&limit=2",
		"last": "https://www.mydomain.com/mytenant/rest/v1/users?userId=J*&page=6&limit=2"
	},
	"items": [
		{
		"id": "QTAzJi8PxRqb5tQSa0iM3d1AaA",
		"userId": "JackJones",
		"firstName": "Jack",
		"lastName": "Jones",
		"created": "2016-06-22T13:07:54.304+0000",
		"updated": "2016-06-22T13:07:54.304+0000",
		"pinEnrolled": false,
		"faceEnrolled": false,
		"voiceEnrolled": false,
		"voiceDigitsEnrolled": false,
		"status": "ACTIVE",
		},
		{
		"id": "QTAzENhQ7S7j9XcjCTEETG9fjg",
		"userId": "JohnSmith147",
		"firstName": "John",
		"lastName": "Smith",
		"created": "2016-06-22T10:45:59.895+0000",
		"updated": "2016-06-22T10:45:59.895+0000",
		"pinEnrolled": false,
		"faceEnrolled": false,
		"voiceEnrolled": false,
		"voiceDigitsEnrolled": false,
		"status": "ACTIVE",
		}
	]
}
Parameters
API/users/{id} - GET
DescriptionReturns the user with the specified Id
Response
{
	"id": "QTAzm0sQJDDWqSHJVckfzA1RDg",
	"userId": "JohnSmith147",
	"created": "2016-06-03T10:49:21.819+0000",
	"language": "en_IE",
	"speakerId": "fd77ebea-f100-479d-a9e6-285d1121b104",
	"face": {
		"imageType": "JPG",
		},
	"voiceTextDependent": [
		{
		"format": "WAV",
		"utterance": "My identity is secure because my voice is my passport. Verify me.",
		"backgroundModelName": "VP934EnUsTDP101A11C001DV01",
		},
		{
		"format": "WAV",
		"utterance": "My identity is secure because my voice is my passport. Verify me.",
		"backgroundModelName": "VP934EnUsTDP101A11C001DV01",
		},
		{
		"format": "WAV",
		"utterance": "My identity is secure because my voice is my passport. Verify me.",
		"backgroundModelName": "VP934EnUsTDP101A11C001DV01",
	}
	],
	"pinEnrolled": true,
	"faceEnrolled": true,
	"voiceEnrolled": true,
	"failedVerificationCount": 0,
	"accountUnlockedCount": 0,
	"status": "ACTIVE",
}
Parameters
API/users/ - POST
DescriptionCreates a new user in the system
Response
{
	"id": "QTAzm0sQJDDWqSHJVckfzA1RDg",
	"userId": "JohnSmith147",
	"firstName": "John",
	"lastName": "Smith",
	"created": "2016-06-22T10:45:59.895+0000",
	"updated": "2016-06-22T10:45:59.895+0000",
	"status": "ACTIVE",
}
Parameters
API/users/{id} - POST
DescriptionUpdates the user with the specified Id and returns the updated user
Response
{
	"id": "QTAzm0sQJDDWqSHJVckfzA1RDg",
	"userId": "JohnSmith147",
	"firstName": "John",
	"lastName": "Smith",
	"created": "2016-06-22T10:45:59.895+0000",
	"updated": "2016-06-25T11:33:25.111+0000",
	"language": "en_IE",
	"speakerId": "fd77ebea-f100-479d-a9e6-285d1121b104",
	"pinEnrolled": false,
	"faceEnrolled": false,
	"voiceEnrolled": false,
	"failedVerificationCount": 0,
	"accountUnlockedCount": 0,
	"status": "ACTIVE",
}
Parameters
API/users/{id}/archived - POST
DescriptionArchives the user with the specified id
Response
{
	"id": "QTAzm0sQJDDWqSHJVckfzA1RDg",
	"userId": "JohnSmith147",
	"archived": "2016-04-17T11:01:27.799+0000",
	"created": "2016-06-03T10:49:21.819+0000",
	"language": "en_IE",
	"speakerId": "fd77ebea-f100-479d-a9e6-285d1121b104",
	"face": {
		"imageType": "JPG",
	},
	"voiceTextDependent": [
		{
		"format": "WAV",
		"utterance": "My identity is secure because my voice is my passport. Verify me.",
		"backgroundModelName": "VP934EnUsTDP101A11C001DV01",
		},
		{
		"format": "WAV",
		"utterance": "My identity is secure because my voice is my passport. Verify me.",
		"backgroundModelName": "VP934EnUsTDP101A11C001DV01",
		},
		{
		"format": "WAV",
		"utterance": "My identity is secure because my voice is my passport. Verify me.",
		"backgroundModelName": "VP934EnUsTDP101A11C001DV01",
		}
	],
	"pinEnrolled": true,
	"faceEnrolled": true,
	"voiceEnrolled": true,
	"failedVerificationCount": 0,
	"accountUnlockedCount": 0,
	"status": "ARCHIVED",
}
Parameters
API/users/{id}/blocked - DELETE
DescriptionUnblocks the user with the specified id
Response
{
	"id": "QTAzm0sQJDDWqSHJVckfzA1RDg",
	"userId": "JohnSmith147",
	"created": "2016-06-03T10:49:21.819+0000",
	"language": "en_IE",
	"speakerId": "fd77ebea-f100-479d-a9e6-285d1121b104",
	"face": {
		"imageType": "JPG",
	},
	"voiceTextDependent": [
		{
		"format": "WAV",
		"utterance": "My identity is secure because my voice is my passport. Verify me.",
		"backgroundModelName": "VP934EnUsTDP101A11C001DV01",
		},
		{
		"format": "WAV",
		"utterance": "My identity is secure because my voice is my passport. Verify me.",
		"backgroundModelName": "VP934EnUsTDP101A11C001DV01",
		},
		{
		"format": "WAV",
		"utterance": "My identity is secure because my voice is my passport. Verify me.",
		"backgroundModelName": "VP934EnUsTDP101A11C001DV01",
		}
	],
	"pinEnrolled": true,
	"faceEnrolled": true,
	"voiceEnrolled": true,
	"failedVerificationCount": 0,
	"accountUnlockedCount": 0,
	"status": "ACTIVE",
}
Parameters
API/users/{id}/blocked - POST
DescriptionBlocks the user with the specified id
Response
{
	"id": "QTAzm0sQJDDWqSHJVckfzA1RDg",
	"userId": "JohnSmith147",
	"created": "2016-06-03T10:49:21.819+0000",
	"language": "en_IE",
	"speakerId": "fd77ebea-f100-479d-a9e6-285d1121b104",
	"face": {
		"imageType": "JPG",
	},
	"voiceTextDependent": [
		{
		"format": "WAV",
		"utterance": "My identity is secure because my voice is my passport. Verify me.",
		"backgroundModelName": "VP934EnUsTDP101A11C001DV01",
		},
		{
		"format": "WAV",
		"utterance": "My identity is secure because my voice is my passport. Verify me.",
		"backgroundModelName": "VP934EnUsTDP101A11C001DV01",
		},
		{
		"format": "WAV",
		"utterance": "My identity is secure because my voice is my passport. Verify me.",
		"backgroundModelName": "VP934EnUsTDP101A11C001DV01",
		}
	],
	"pinEnrolled": true,
	"faceEnrolled": true,
	"voiceEnrolled": true,
	"failedVerificationCount": 0,
	"accountUnlockedCount": 0,
	"status": "BLOCKED",
}
Parameters
API/users/{id}/authenticators - GET
DescriptionReturns authenticators for the user with the specified id
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/authenticators?page=1&limit=2",
		"previous": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/authenticators?page=3&limit=2",
		"next": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/authenticators?page=5&limit=2",
		"last": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/authenticators?page=6&limit=2"
	},
	"items": [
		{
		"id": "QTAzmmKE7aAge9R57sTTw2WCOQ",
		"authenticatorId": "d33fe7dafa50cfcb33b7e2a5e6f3f443654722cd8ef885358b4c4ae69b4ad007",
		"created": "2016-06-03T10:49:26.183+0000",
		"enrollmentLatitude": "53.349283",
		"enrollmentLongitude": "-6.251405",
		"make": "Apple",
		"model": "iPhone 6",
		"osVersion": "iPhone OS 9.3.2",
		"frameworkVersion": "3.2.10.334/3.2.1.1",
		"status": "ACTIVE",
		"type": "IX",
		"pushNotificationToken": "29122c2671d0d1c411679666632b6ef6a073e312a4ae69f1b68e625d69599cc0",
		},
		{
		
		"id": "QTAzui454MpiPZ9cpOrURtgLIQ",
		"authenticatorId": "-Ax_DLZCRqedy_e0yvw02w6Ral3RjyRv-2GnlAqfxqY",
		"created": "2016-04-08T15:01:40.020+0000",
		"make": "b70ff2b3-fae0-4118-8f68-b5c36d339eea",
		"model": "b70ff2b3-fae0-4118-8f68-b5c36d339eea",
		"authenticatorCounter": 0,
		"publicKeyId": "-Ax_DLZCRqedy_e0yvw02w6Ral3RjyRv-2GnlAqfxqY",
		"status": "ACTIVE",
		"type": "FI",
		}
	]
}
Parameters
API/users/{id}/registrations - GET
DescriptionReturns a page of registrations for the user with the specified Id
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 1
	},
	"paging": {
		"first": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/users?page=1&limit=2",
		"previous": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/users?page=3&limit=2",
		"next": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/users?page=5&limit=2",
		"last": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/users?page=6&limit=2"
	},
		"items": [
		{
		"id": "QTAzSZrwvDz428csGy3rvpElBw",
		"registrationId": "myRegistration",
		"created": "2016-04-08T10:03:04.301+0000",
		"status": "ACTIVE",
		},
		{
		"id": "QTAzFgCXYFlc_hRWvgpoi9bB8g",
		"registrationId": "000298d4-e8e9-4a1a-9184-c44c6d577e10",
		"archived": "2016-04-08T15:07:24.696+0000",
		"created": "2016-04-08T15:07:24.603+0000",
		"status": "ARCHIVED",
		}
	]
}
Parameters
API/users/{id}/applications - GET
DescriptionReturns a page of applications for the user with the specified Id
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/applications?page=1&limit=2",
		"previous": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/applications?page=3&limit=2",
		"next": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/applications?page=5&limit=2",
		"last": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/applications?page=6&limit=2"
	},
	"items": [
		{
		"id": "QTAzMBco9x2KfONxfIY2YslnQg",
		"applicationId": "myApplication",
		"name": "My Application",
		"certificateCreated": false,
		"city": "Dublin",
		"updated": "2016-06-23T10:22:22.236+0000",
		"created": "2016-06-23T10:22:22.236+0000",
		"status": "ACTIVE",
		},
		{
		"id": "QTAz_pHQ33tu9fzpjPe2xF7waQ",
		"applicationId": "fidoApplication",
		"name": "FIDO application",
		"certificateCreated": false,
		"updated": "2016-03-16T15:05:53.539+0000",
		"created": "2016-03-16T15:05:53.539+0000",
		"fidoApplicationId": "https://fido.daon.com/fido",
		"status": "ACTIVE",
		"fidoFacets": {
			"trustedFacets": [
			{
				"version": {
				"major": 1,
				"minor": 0
				},
				"ids": [
				"https://fido.daon.com/fido",
				"https://www.daon_test_rp.com",
				"android:apk-key-hash:ppDMsrr6owRtb5lz0oK/vrofr6E"
				]
			}
			]
		},
		}
	]
}
Parameters
API/users/{id}/authenticationRequests - GET
DescriptionReturns a page of authentication requests for the user with the specified Id
Response
{
	"metadata": {
		"limit": 2,
		"page": 4,
		"totalCount": 11
	},
	"paging": {
		"first": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/authenticationRequests?page=1&limit=2",
		"previous": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/authenticationRequests?page=3&limit=2",
		"next": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/authenticationRequests?page=5&limit=2",
		"last": "https://www.mydomain.com/mytenant/rest/v1/users/QTAzENhQ7S7j9XcjCTEETG9fjg/authenticationRequests?page=6&limit=2"
	},
	"items": [
		{
		"id": "QTAzF3q5-ZGSYoSRXeJtfdAyoQ",
		"authenticationRequestId": "bCKnedNgTT746dW-5NQ-AA",
		"description": "Test auth req",
		"verificationResult": "Y",
		"expiration": "2016-06-22T12:32:06.024+0000",
		"availableRetries": 2,
		"totalRetriesAllowed": 3,
		"processed": "2016-06-22T12:17:49.954+0000",
		"oneTimePasswordEnabled": true,
		"created": "2016-06-22T12:17:15.951+0000",
		"recurring": false,
		"otpTotalRetriesAllowed": 3,
		"otpAvailableRetries": 3,
		"addAuthenticator": false,
		"type": "IX",
		"status": "COMPLETED_SUCCESSFUL",
		},
		{
		"id": "QTAzpQUcLcdiu8Nz0yjcs_dhVQ",
		"authenticationRequestId": "eea67973-1163-4a8c-bc0a-74d1fd65d62d1",
		"description": "D_eea67973-1163-4a8c-bc0a-74d1fd65d62d1",
		"verificationResult": "Y",
		"processed": "2016-06-22T11:39:35.306+0000",
		"created": "2016-06-22T11:38:52.003+0000",
		"type": "FI",
		"fidoChallenge": "cA9tRoPDdfUPwUtsQ1sgOg",
		"serverData": "02aa1dcd-231e-40b6-8db7-9c934b1dd868",
		"fidoResponseCode": 1200,
		"fidoResponseMsg": "Successfully Validated Authentication",
		"status": "COMPLETED_SUCCESSFUL",
		}
	]
}
Parameters
Top