Step 1) Create a FREE account with your phone number curl -X POST \ http://2fa.onwire.com:8000/api/v1/smssignup \ -F phone=13105551212 \ -F appType=Free Note: SMS passcode to the phone number to verify holder JSON response { "details": "2FA, account created successfully.", "error": "", "status": 0 } -------------------------------------------------------------- Step 2) Authenticate your phone number ( SMS is sent with a passcode that you need to send back in the API) curl -X POST \ http://2fa.onwire.com:8000/api/v1/verifysms \ -F phone=13105551212 \ -F passcode=007234 Note: Passcode sent to SMS must be send back in this API to authenticate your phone number. JSON response { "details": "2FA, phone number is authenticated :)", "error": "", "status": 0 } Note: You MUST confirm your phone before you can use service API's -------------------------------------------------------------- Step 3) Generate your credentials and 2FA Qrcode Note: you can use any email, phone number or username in account field and any company name or issuer in issuer field curl -X POST \ http://2fa.onwire.com:8000/api/v1/generatetoken \ -F account=demo@nowhere.com \ -F issuer=onwire \ -F phone=13105551212 JSON response { "details": "https://s3-us-west-2.amazonaws.com/junky/MR3WS2TRNF4HI43LNZYXAZ3C12345.png", "error": "", "status": 0 } Note: Your Bearerwill be send as SMS to registered phone and QRcode is emailed to your account. Download google (G) authenticator or AUTHY and open image URL below in a browser to be able to scan it into your 2FA app -------------------------------------------------------------- Step 4) Scan QRcode using google authenticator or AUTHY app from Step 3 above Note: open the above URL in browser or image viewer and scan the QRcode with your G authenticator -------------------------------------------------------------- Step 5) 2FA Authenticate against the system using 6 digits code showing on your G authenticator or received by Push Authentication API (see step 6) curl -X POST \ http://2fa.onwire.com:8000/api/v1/authenticatetoken \ -H 'Authentication: Bearer ' \ -F account=demo@nowhere.com \ -F token=677739 NOTE: this API requires a special auth token header that was sent as an SMS to your phone 'Authentication: Bearer ' A) account field contains username. B) After 15 times you have exceeded your quota for the day. example: { "details": null, "error": "Sorry, Quota Exceeded!", "status": -1 } - or - { "details": "Token Authenticated :)", "error": "", "status": 0 } - or - { "details": null, "error": "Sorry, Quota Exceeded!", "status": -1 } - or - { "details": null, "error": "Sorry, Not Authenticated", "status": -1 } -------------------------------------------------------------- Step 6) Push Authentication code (like Google Authenticator) to phone via SMS. This is used for people who dont want to use G authenticator or other apps and want to stick to SMS or compliment the app. curl -X POST \ http://2fa.onwire.com:8000/api/v1/pushauth \ -F phone=13105551212 JSON response { "details": "2FA, Push Authorization 867119 Sent out.", "error": "", "status": 0 } -------------------------------------------------------------- Step 7) Quick reporting curl -X POST \ http://2fa.onwire.com:8000/api/v1/reporting \ -F phone=13105551212 \ -F account=demo@nowhere.com JSON Response { "details": { "phone": "13105551212", "pin": "421127", "accType": "Free", "email": "sdemo@nowhere.com", "issuer": "onwire", "creation": "2020-02-27 23:41:15", "updates": "2020-02-27 23:41:15", "quota": "8", "usage": "2" }, "error": "", "status": 0 }