Complete User Login

curl --request POST \
  --url https://api.dfns.io/auth/login \
  --header 'Content-Type: application/json' \
  --data '{
  "challengeIdentifier": "<string>",
  "firstFactor": {
    "kind": "Fido2",
    "credentialAssertion": {
      "credId": "<string>",
      "clientData": "<string>",
      "signature": "<string>",
      "algorithm": "RSA-SHA256",
      "authenticatorData": "<string>",
      "userHandle": "<string>"
    }
  },
  "secondFactor": {
    "kind": "Fido2",
    "credentialAssertion": {
      "credId": "<string>",
      "clientData": "<string>",
      "signature": "<string>",
      "algorithm": "RSA-SHA256",
      "authenticatorData": "<string>",
      "userHandle": "<string>"
    }
  }
}'

{
  "token": "<string>"
}

Complete User Login

Completes the login process and provides the authenticated user with their authentication token.

The type of credentials used to login is determined by the kind field in the nested objects (firstFactor and secondFactor). Supported credential kinds are:

Fido2: Login challenge is signed by a user’s signing device using WebAuthn.
Key: Login challenge is signed by a user’s private key.
PasswordProtectedKey: Login challenge is signed by the decrypted user’s private key that was sent during Create User Login Challenge step.

POST

auth

Complete User Login

curl --request POST \
  --url https://api.dfns.io/auth/login \
  --header 'Content-Type: application/json' \
  --data '{
  "challengeIdentifier": "<string>",
  "firstFactor": {
    "kind": "Fido2",
    "credentialAssertion": {
      "credId": "<string>",
      "clientData": "<string>",
      "signature": "<string>",
      "algorithm": "RSA-SHA256",
      "authenticatorData": "<string>",
      "userHandle": "<string>"
    }
  },
  "secondFactor": {
    "kind": "Fido2",
    "credentialAssertion": {
      "credId": "<string>",
      "clientData": "<string>",
      "signature": "<string>",
      "algorithm": "RSA-SHA256",
      "authenticatorData": "<string>",
      "userHandle": "<string>"
    }
  }
}'

{
  "token": "<string>"
}

Authentication

No authentication required.

Required Permissions

No authentication required.

Body

application/json

challengeIdentifier

string

required

Temporary authentication token returned by the Create Challenge endpoint.

firstFactor

object

required

First factor credential used to sign the challenge. Use a Fido2 Credential, also known as Passkeys or WebauthN credential.

Fido2/Passkeys
Public/Private key pair
Password-protected Key
<Deprecated> Password

Show child attributes

secondFactor

object

Second factor credential used to authenticate a user. Use a Fido2 Credential, also known as Passkeys or WebauthN credential.

Fido2/Passkeys
Public/Private key pair
Password-protected Key
<Deprecated> TOTP

Show child attributes

Response

200 - application/json

Success

Option 1
Option 2

token

string

required

Create Login Challenge

Initiate SSO Login

⌘I

API Authorization

Identity & Access Management

Wallets & Transactions

Management

Webhooks

Complete User Login

Authentication

Required Permissions

Body

Response

API Authorization

Identity & Access Management

Wallets & Transactions

Management

Webhooks

​Authentication

​Required Permissions

Body

Response

Authentication

Required Permissions