We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When a user is challenged to produce an additional authentication when a certain API is accessed by the client does not have the needed scope.
sequenceDiagram title Stepped-up Authentication actor Person participant Browser participant Website participant Auth Server participant API autonumber Website->>API: request some endpoint API->>API: Enforce<br> presence of <br> 'otp' scope<br> in access_token API->>Website: 3. 401 Unauthorized<br>WWW-Authenticate: Bearer error="insufficient_user_authentication" Website->>Browser: Enforce additional challenge on the user<br> (Enter OTP) Person->>Browser:Enter OTP Browser->>Auth Server: /authorize endpoint Auth Server->>Auth Server:Validate OTP (Person authentication script) Auth Server->>Auth Server: Modify scope of AT to include OTP (Update token script) Auth Server->> Website: Return Access Token with scope containing OTP
The text was updated successfully, but these errors were encountered:
fix(docs): #4881 improvised
c312b38
fix(docs): #4881 improvised (#5035)
065edad
fix(docs): #4881
a12fdc5
Included Stepped-up Authentication in navigation
fix(docs): #4881 (#5036)
ccf7107
fix(docs): minor addition #4881
6a98192
#4881
fix(docs): minor addition #4881 (#5083)
948b9aa
maduvena
moabu
No branches or pull requests
When a user is challenged to produce an additional authentication when a certain API is accessed by the client does not have the needed scope.
The text was updated successfully, but these errors were encountered: