MFA / 2FA Authentication API for FREE Accounts - HTTP POST and parameters are HTTP FORM alike

    
Step 1) Create a FREE account with your phone number

curl -X POST \
  http://2fa.onwire.com:8000/api/v1/smssignup \
  -F phone=13105551212 \
  -F appType=Free


Note: SMS passcode to the phone number to verify holder


JSON response

{
    "details": "2FA, account created successfully.",
    "error": "",
    "status": 0
}


--------------------------------------------------------------

Step 2) Authenticate your phone number ( SMS is sent with a passcode that you need to send back in the API)


curl -X POST \
  http://2fa.onwire.com:8000/api/v1/verifysms \
  -F phone=13105551212 \
  -F passcode=007234

Note: Passcode sent to SMS must be send back in this API to authenticate your phone number.


JSON response

{
    "details": "2FA, phone number is authenticated :)",
    "error": "",
    "status": 0
}

Note: You MUST confirm your phone before you can use service API's

--------------------------------------------------------------

Step 3) Generate your credentials and 2FA Qrcode 

Note: you can use any email, phone number or username in account field 
and any company name or issuer in issuer field

curl -X POST \
  http://2fa.onwire.com:8000/api/v1/generatetoken \
  -F account=demo@nowhere.com \
  -F issuer=onwire \
  -F phone=13105551212

JSON response

{
    "details": "https://s3-us-west-2.amazonaws.com/junky/MR3WS2TRNF4HI43LNZYXAZ3C12345.png",
    "error": "",
    "status": 0
}


Note: Your Bearer   will be send as SMS to registered phone and QRcode is emailed to your account.  
Download google (G) authenticator or AUTHY and open image URL below in a browser to be able to scan it into your 2FA app


--------------------------------------------------------------

Step 4) Scan QRcode using google authenticator or AUTHY app from Step 3 above



Note: open the above URL in browser or image viewer and scan the QRcode with your G authenticator

--------------------------------------------------------------

Step 5) 2FA Authenticate against the system using 6 digits code showing on your G authenticator or received by Push Authentication API (see step 6)


curl -X POST \
  http://2fa.onwire.com:8000/api/v1/authenticatetoken \
  -H 'Authentication: Bearer ' \
  -F account=demo@nowhere.com \
  -F token=677739


NOTE: this API requires a special auth token header that was sent as an SMS to your phone

'Authentication: Bearer '   


A) account field contains username. 
B) After 15 times you have exceeded your quota for the day.

example:

{
    "details": null,
    "error": "Sorry, Quota Exceeded!",
    "status": -1
}

- or - 

{
    "details": "Token Authenticated :)",
    "error": "",
    "status": 0
}

- or - 

{
    "details": null,
    "error": "Sorry, Quota Exceeded!",
    "status": -1
}

- or - 

{
    "details": null,
    "error": "Sorry, Not Authenticated",
    "status": -1
}

--------------------------------------------------------------

Step 6) Push Authentication code (like Google Authenticator) to phone via SMS.  This is used for people who dont want to use G authenticator or other apps and want to stick to SMS or compliment the app.  

curl -X POST \
  http://2fa.onwire.com:8000/api/v1/pushauth \
  -F phone=13105551212


JSON response

{
    "details": "2FA, Push Authorization 867119 Sent out.",
    "error": "",
    "status": 0
}



--------------------------------------------------------------

Step 7) Quick reporting


curl -X POST \
  http://2fa.onwire.com:8000/api/v1/reporting \
  -F phone=13105551212 \
  -F account=demo@nowhere.com


JSON Response

{
    "details": {
        "phone": "13105551212",
        "pin": "421127",
        "accType": "Free",
        "email": "sdemo@nowhere.com",
        "issuer": "onwire",
        "creation": "2020-02-27 23:41:15",
        "updates": "2020-02-27 23:41:15",
        "quota": "8",
        "usage": "2"
    },
    "error": "",
    "status": 0
}