Send Login Code

curl --request POST \
  --url https://api.dfns.io/auth/login/code \
  --header 'Content-Type: application/json' \
  --data '
{
  "username": "<string>",
  "orgId": "or-30tnh-itmjs-s235s5ontr3r23h2",
  "accountId": "acct-24hka-dhili-9hgvdlvr1ohpibp4"
}
'

{
  "message": "<string>"
}

Send Login Code

Sends a temporary one time code to the user that can be used during login flow.

If the user has a credential of kind PasswordProtectedKey a temporary one time code needs to be passed in the loginCode field. That’s because the Create Login Challenge is unauthenticated and returns the encrypted private key of the user. So we need a first step to verify the identity of the user to prevent anybody from fetching the encrypted private key and trying to brute force it offline.

POST

auth

code

Send Login Code

curl --request POST \
  --url https://api.dfns.io/auth/login/code \
  --header 'Content-Type: application/json' \
  --data '
{
  "username": "<string>",
  "orgId": "or-30tnh-itmjs-s235s5ontr3r23h2",
  "accountId": "acct-24hka-dhili-9hgvdlvr1ohpibp4"
}
'

{
  "message": "<string>"
}

Authentication

No authentication required.

Required Permissions

No authentication required.

Body

application/json

username

string

required

Username/identifier of the user to send the login code to.

orgId

string

Organization id.

Required string length: 1 - 64

Pattern: ^or-[a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{14,16}$

Example:

"or-30tnh-itmjs-s235s5ontr3r23h2"

accountId

string

Account id.

Required string length: 1 - 64

Pattern: ^acct-[a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{14,16}$

Example:

"acct-24hka-dhili-9hgvdlvr1ohpibp4"

Response

200 - application/json

Success

message

string

required

Human-readable success message.

Last modified on June 12, 2026

Authentication flows

Create Login Challenge

⌘I

​Authentication

​Required Permissions

Body

Response

Authentication

Required Permissions