diff options
| author | lain <lain@soykaf.club> | 2020-05-07 08:14:54 +0000 |
|---|---|---|
| committer | lain <lain@soykaf.club> | 2020-05-07 08:14:54 +0000 |
| commit | f4c2bf0985f3d65d9caa6f02a71c89db9f070fb1 (patch) | |
| tree | a7f4ece6dcd0a534b464e455fa382d3ebd8f4d07 /docs/API/pleroma_api.md | |
| parent | 68a126317d7cdd670c8e244319da08ff85639d33 (diff) | |
| parent | 3d0c567fbc3506770fdac5f1269c45b244928747 (diff) | |
| download | pleroma-f4c2bf0985f3d65d9caa6f02a71c89db9f070fb1.tar.gz | |
Merge branch 'issue/209' into 'develop'
[#209] 2FA/two_factor_authentication support
See merge request pleroma/pleroma!801
Diffstat (limited to 'docs/API/pleroma_api.md')
| -rw-r--r-- | docs/API/pleroma_api.md | 44 |
1 files changed, 43 insertions, 1 deletions
diff --git a/docs/API/pleroma_api.md b/docs/API/pleroma_api.md index b927be026..5895613a3 100644 --- a/docs/API/pleroma_api.md +++ b/docs/API/pleroma_api.md @@ -70,7 +70,49 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi * Response: JSON. Returns `{"status": "success"}` if the account was successfully disabled, `{"error": "[error message]"}` otherwise * Example response: `{"error": "Invalid password."}` -## `/api/pleroma/admin/`… +## `/api/pleroma/accounts/mfa` +#### Gets current MFA settings +* method: `GET` +* Authentication: required +* OAuth scope: `read:security` +* Response: JSON. Returns `{"enabled": "false", "totp": false }` + +## `/api/pleroma/accounts/mfa/setup/totp` +#### Pre-setup the MFA/TOTP method +* method: `GET` +* Authentication: required +* OAuth scope: `write:security` +* Response: JSON. Returns `{"key": [secret_key], "provisioning_uri": "[qr code uri]" }` when successful, otherwise returns HTTP 422 `{"error": "error_msg"}` + +## `/api/pleroma/accounts/mfa/confirm/totp` +#### Confirms & enables MFA/TOTP support for user account. +* method: `POST` +* Authentication: required +* OAuth scope: `write:security` +* Params: + * `password`: user's password + * `code`: token from TOTP App +* Response: JSON. Returns `{}` if the enable was successful, HTTP 422 `{"error": "[error message]"}` otherwise + + +## `/api/pleroma/accounts/mfa/totp` +#### Disables MFA/TOTP method for user account. +* method: `DELETE` +* Authentication: required +* OAuth scope: `write:security` +* Params: + * `password`: user's password +* Response: JSON. Returns `{}` if the disable was successful, HTTP 422 `{"error": "[error message]"}` otherwise +* Example response: `{"error": "Invalid password."}` + +## `/api/pleroma/accounts/mfa/backup_codes` +#### Generstes backup codes MFA for user account. +* method: `GET` +* Authentication: required +* OAuth scope: `write:security` +* Response: JSON. Returns `{"codes": codes}`when successful, otherwise HTTP 422 `{"error": "[error message]"}` + +## `/api/pleroma/admin/` See [Admin-API](admin_api.md) ## `/api/v1/pleroma/notifications/read` |