Step 1) Create a FREE account with your phone number
curl -X POST \
http://2fa.onwire.com:8000/api/v1/smssignup \
-F phone=13105551212 \
-F appType=Free
Note: SMS passcode to the phone number to verify holder
JSON response
{
"details": "2FA, account created successfully.",
"error": "",
"status": 0
}
--------------------------------------------------------------
Step 2) Authenticate your phone number ( SMS is sent with a passcode that you need to send back in the API)
curl -X POST \
http://2fa.onwire.com:8000/api/v1/verifysms \
-F phone=13105551212 \
-F passcode=007234
Note: Passcode sent to SMS must be send back in this API to authenticate your phone number.
JSON response
{
"details": "2FA, phone number is authenticated :)",
"error": "",
"status": 0
}
Note: You MUST confirm your phone before you can use service API's
--------------------------------------------------------------
Step 3) Generate your credentials and 2FA Qrcode
Note: you can use any email, phone number or username in account field
and any company name or issuer in issuer field
curl -X POST \
http://2fa.onwire.com:8000/api/v1/generatetoken \
-F account=demo@nowhere.com \
-F issuer=onwire \
-F phone=13105551212
JSON response
{
"details": "https://s3-us-west-2.amazonaws.com/junky/MR3WS2TRNF4HI43LNZYXAZ3C12345.png",
"error": "",
"status": 0
}
Note: Your Bearer will be send as SMS to registered phone and QRcode is emailed to your account.
Download google (G) authenticator or AUTHY and open image URL below in a browser to be able to scan it into your 2FA app
--------------------------------------------------------------
Step 4) Scan QRcode using google authenticator or AUTHY app from Step 3 above
Note: open the above URL in browser or image viewer and scan the QRcode with your G authenticator
--------------------------------------------------------------
Step 5) 2FA Authenticate against the system using 6 digits code showing on your G authenticator or received by Push Authentication API (see step 6)
curl -X POST \
http://2fa.onwire.com:8000/api/v1/authenticatetoken \
-H 'Authentication: Bearer ' \
-F account=demo@nowhere.com \
-F token=677739
NOTE: this API requires a special auth token header that was sent as an SMS to your phone
'Authentication: Bearer '
A) account field contains username.
B) After 15 times you have exceeded your quota for the day.
example:
{
"details": null,
"error": "Sorry, Quota Exceeded!",
"status": -1
}
- or -
{
"details": "Token Authenticated :)",
"error": "",
"status": 0
}
- or -
{
"details": null,
"error": "Sorry, Quota Exceeded!",
"status": -1
}
- or -
{
"details": null,
"error": "Sorry, Not Authenticated",
"status": -1
}
--------------------------------------------------------------
Step 6) Push Authentication code (like Google Authenticator) to phone via SMS. This is used for people who dont want to use G authenticator or other apps and want to stick to SMS or compliment the app.
curl -X POST \
http://2fa.onwire.com:8000/api/v1/pushauth \
-F phone=13105551212
JSON response
{
"details": "2FA, Push Authorization 867119 Sent out.",
"error": "",
"status": 0
}
--------------------------------------------------------------
Step 7) Quick reporting
curl -X POST \
http://2fa.onwire.com:8000/api/v1/reporting \
-F phone=13105551212 \
-F account=demo@nowhere.com
JSON Response
{
"details": {
"phone": "13105551212",
"pin": "421127",
"accType": "Free",
"email": "sdemo@nowhere.com",
"issuer": "onwire",
"creation": "2020-02-27 23:41:15",
"updates": "2020-02-27 23:41:15",
"quota": "8",
"usage": "2"
},
"error": "",
"status": 0
}