MFA Server API Documentation
The RapidIdentity MFA Server API documentation contains both RESTful and SOAP APIs and will eventually be exclusively RESTful APIs.The APIs on this page correspond to RapidIdentity MFA Server versions beginning with 4.9.2.
Add User
A REST call to add a user.
POST /restservices/restservice.svc/AddUser
curl --request POST \ --url http://<MFAServerHostname>/restservices/restservice.svc/AddUser \ --data '{"userName":<string>,"domainName":<string>,"email":<string>,"language":<string>,"authSet":<string>,"roles":<string>,"carrier":<string>,"phone":<string>,"apiKey":<string>}'
{ "userName":<string>, "domainName":<string>, "email":<string>, "language":<string>, "authSet":<string>, "roles":<string>, "carrier":<string>, "phone":<string>, "apiKey":<string> }
{ "status": "success", "Result": "<userName> Saved successfully" }
Create API Key
A REST call to create an API key for a specific, fully qualified domain name (FQDN). A successful response returns the API Key unique ID.
POST /restservices/restservice.svc/CreateAPIkey
curl --request POST \ --url https://<MFAServerHostname>/restservices/restservice.svc/CreateAPIkey \ --data '{"fqdn":"test123","apiKey":"12345678"}'
{ "fqdn":"test123", "apiKey":"12345678" }
{ "status":"success", "Result":"db1199fc-af9d-4fb6-b692-7c078acd02c3" }
Decrypt Value
A SOAP call to decrypt a given encrypted value (hexadecimal string received from EncryptValue), using "name" as the salt.
POST /ValidateService.asmx
curl --request POST \ --url http://<MFAServerHostname>/ValidateService.asmx \ --header 'content-type:text/xml' \ --data '<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <DecryptValue xmlns="MFAServerHostname>"> <name>string</name> <encryptedValue>theHexadecimalString</encryptedValue> <apiKey>string</apiKey> </DecryptValue> </soap12:Body></soap12:Envelope>'
<soap12:Body> <DecryptValue xmlns="MFAServerHostname>"> <name>string</name> <encryptedValue>theHexadecimalString</encryptedValue> <apiKey>string</apiKey> </DecryptValue> </soap12:Body>
HTTP/1.1 200 OK Content-Type: application/soap+xml; charset=utf-8 Content-Length: length <?xml version="1.0" encoding="utf-8"?> <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <DecryptValueResponse xmlns="http://cm.2fa.com/"> <DecryptValueResult>string</DecryptValueResult> </DecryptValueResponse> </soap12:Body> </soap12:Envelope>
Decrypt Value AES
A SOAP call to decrypt a given AES encrypted value.
POST /ValidateService.asmx
curl --request POST \ --url http://<MFAServerHostname>/ValidateService.asmx \ --header 'content-type:text/xml' \ --data '<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <DecryptValueAESxmlns="http://cm.2fa.com/"> <name>string</name> <encryptedValue>theAESEncryptedstring</encryptedValue> <apiKey>string</apiKey> </DecryptValueAES> </soap12:Body> </soap12:Envelope>'
<soap12:Body> <DecryptValueAES xmlns="http://cm.2fa.com/"> <name>string</name> <encryptedValue>theAESEncryptedstring</encryptedValue> <apiKey>string</apiKey> </DecryptValueAES> </soap12:Body>
HTTP/1.1 200 OK Content-Type: application/soap+xml; charset=utf-8 Content-Length: length <?xml version="1.0" encoding="utf-8"?> <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <DecryptValueAESResponse xmlns="http://cm.2fa.com/"> <DecryptValueAESResult>string</DecryptValueAESResult> </DecryptValueAESResponse> </soap12:Body> </soap12:Envelope>
Delete User
A REST call to delete a user.
POST /restservices/restservice.svc/DeleteUser
curl --request POST \ --url http://<MFAServerHostname>/restservices/restservice.svc/DeleteUser \ --data '{ "userName":<string>, "domainName":<string>, "apiKey":<string> }'
{ "userName":<string>, "domainName":<string>, "apiKey":<string> }
{ "status":"success", "Result":"User <Domain>\\<USERNAME> Deleted Successfully" }
Encrypt Value
A SOAP call to encrypt a given cleartext value, using "name" as the salt. The response returns a hexadecimal string representing the encrypted value.
POST /ValidateService.asmx
curl --request POST \ --url http://<MFAServerHostname>/ValidateService.asmx \ --header 'content-type: text/xml' \ --data '<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <EncryptValue xmlns="http://<MFAServerHostname>"> <name>string</name> <cleartextValue>theStringToEncrypt</cleartextValue> <apiKey>string</apiKey> </EncryptValue> </soap12:Body> </soap12:Envelope>'
<soap12:Body> <EncryptValue xmlns="http://<MFAServerHostname>/"> <name>string</name> <cleartextValue>theStringToEncrypt</cleartextValue> <apiKey>string</apiKey> </EncryptValue> </soap12:Body>
HTTP/1.1 200 OK Content-Type: application/soap+xml; charset=utf-8 Content-Length: length <?xml version="1.0" encoding="utf-8"?> <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <EncryptValueResponse xmlns="http://cm.2fa.com/"> <EncryptValueResult>string</EncryptValueResult> </EncryptValueResponse> </soap12:Body> </soap12:Envelope>
Encrypt Value AES
A SOAP call to encrypt a given cleartext value with AES, using "name" as the salt. The response returns a hexadecimal string representing the encrypted value.
POST /ValidateService.asmx
curl --request POST \ --url http://<MFAServerHostname>/ValidateService.asmx \ --header 'content-type: text/xml' \ --data '<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <EncryptValueAES xmlns="http://cm.2fa.com/"> <name>string</name> <cleartextValue>theStringToEncrypt</cleartextValue> <apiKey>string</apiKey> </EncryptValueAES> </soap12:Body> </soap12:Envelope>'
<soap12:Body> <EncryptValueAES xmlns="http://cm.2fa.com/"> <name>string</name> <cleartextValue>theStringToEncrypt</cleartextValue> <apiKey>string</apiKey> </EncryptValueAES> </soap12:Body>
HTTP/1.1 200 OK Content-Type: application/soap+xml; charset=utf-8 Content-Length: length <?xml version="1.0" encoding="utf-8"?> <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <EncryptValueAESResponse xmlns="http://cm.2fa.com/"> <EncryptValueAESResult>string</EncryptValueAESResult> </EncryptValueAESResponse> </soap12:Body> </soap12:Envelope>
Generate Authentication Code
A REST call to generate a user authentication code. A successful response returns an authentication code.
POST /restservices/restservice.svc/GenerateAuthCode
curl --request POST \ --url https://<MFAServerHostname>/restservices/restservice.svc/GenerateAuthCode \ --data '{ "userName":<string>,"domainName":<string>, "timeout":"seconds", "codeLength": "number","send":"true false","apiKey":<string>}'
{ "userName":<string>, "domainName":string>, "timeout":"seconds", "codeLength":"number", "send":"true false", "apiKey":<string> }
{ "status":"success", "Result":"377588" }
Get Branding Info
A REST call to obtain the organization branding information. Any POST API call should return the branding information.
POST /restservices/restservice.svc/getbrandinginfo
curl --request POST \ --url https://<MFAServerHostname>/restservices/restservice.svc/getbrandinginfo \ --data '{"username":<string>,"domainName":<string>,"apiKey":<string>}'
{ "userName":<string>, "domainName":<string", "apiKey":<string> }
{ "status": "Success", "Result": "Success", "Color": "#e80000", "Email": "user@organization.com", "EmailEnabled": true, "LogoPath": "data:image/png;base64,string" "PhoneEnabled": true, "PhoneNumber": "hello", "SplashColor": "#fffef8", "SplashPath": "data:image/png;base64,string" "Timestamp": "2017-11-29T17:31:53" }
Get Questions
A SOAP call to retrieve questions for a particular user for use with the ValidateQuestions web service SOAP call.
POST /ValidateService.asmx
curl --request POST \ --url http://<MFAServerHostname>/ValidateService.asmx \ --header 'content-type: text/xml' \ --data '<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <GetQuestions xmlns="http://<MFAServerHostname>/"> <username>string</username> <domain>string</domain> <questions> <string>string</string> <string>string</string> </questions> <apiKey>string</apiKey> </GetQuestions> </soap12:Body> </soap12:Envelope>'
<soap12:Body> <GetQuestions xmlns="http://<MFAServerHostname>/"> <username>test2</username> <domain>domain</domain> <questions> <string>string</string> <string>string</string> </questions> <apiKey>apiKeyGoesHere</apiKey> </GetQuestions> </soap12:Body>
HTTP/1.1 200 OK Content-Type: application/soap+xml; charset=utf-8 Content-Length: length <?xml version="1.0" encoding="utf-8"?> <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <GetQuestionsResponse xmlns="http://cm.2fa.com/"> <GetQuestionsResult>string</GetQuestionsResult> <questions> <string>string</string> <string>string</string> </questions> </GetQuestionsResponse> </soap12:Body> </soap12:Envelope>
Send Mobile Provision
A REST call to send a mobile provision. A successful response returns the usernumber to which the provisioning link was sent.
POST /restservices/restservice.svc/SetMobileProvision
curl --request POST \ --url https://<MFAServerHostname>/restservices/restservice.svc/SendMobileProvision \ --data '{"username":<string>,"domainName":<string>,"apiKey":<string>}'
{ "userName":<string>, "domainName":<string>, "apiKey":<string> }
{ "status": "success", "Result": "6" }
Set User Password
A REST call to set a user's password.
POST /restservices/restservice.svc/SetUserPassword
curl --request POST \ --url https://<MFAServerHostname>/restservices/restservice.svc/SetUserPassword \ --data '{"userName":<string>,"domainName":<string>,"pwd":<string>,"apiKey":<string>}'
{ "userName":<string>, "domainName":<string>, "pwd":<string>, "apiKey":<string> }
{ "status": "success", "Result": "User <domainName>\\<userName> Password Updated Successfully" }
Set User PIN
A REST call to set a user's PIN.
POST /restservices/restservice.svc/SetUserPIN
curl --request POST \ --url https://<MFAServerHostname>/restservices/restservice.svc/SetUserPin \ --data '{"userName":<string>,"domainName":<string>,"pin":<string>,"forceChange":"true","apiKey":<string>}'
{ "userName":<string>, "domainName":<string>, "pin":<string>, "forceChange":"true", "apiKey":<string> }
{ "status": "success", "Result": "User <domainName>\\<userName> Pin Updated Successfully" }
Update User
A REST call to update a user's state with respect to an authentication Set.
POST /restservices/restservice.svc/UpdateUser
curl --request POST \ --url https://<MFAServerHostname>/restservices/restservice.svc/UpdateUser \ --data '{ "userID":<string>, "userName":<string>,"domainName":<string>,"email":<string>,"language":<string>,"authSet":<string>,"roles":<string>,"carrier":<string>,"phone":<string>,"state":<string>,"apiKey":<string>}'
{ "userID":<string>, "userName":<string>, "domainName":<string>, "email":<string>, "language":<string>, "authSet":<string>, "roles":<string>, "carrier":<string>, "phone":<string>, "state":<string>, "apiKey":<string> }
{ "status": "success", "Result": "success" }
User Exists
A REST call to determine whether a user exists with respect to RapidIdentity MFA Server. A successful response returns the userID.
POST /restservices/restservice.svc/UserExists
curl --request POST \ --url https://<MFAServerHostname>/restservices/restservice.svc/UserExists \ --data '{"userName":<string>,"domainName":<string>,"apiKey":<string>}'
{ "userName":<string>, "domainName":<string>, "apiKey":<string> }
{ "status": "success", "Result": "159" }
Validate Authentication Code
A SOAP call to determine whether a user authentication code is valid. The response returns a boolean with respect to the code, with True indicating a valid code and False indicating an invalid code.
POST /ValidateService.asmx
curl --request POST \ --url http://<MFAServerHostname>/ValidateService.asmx \ --header 'content-type: text/xml' \ --data '<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <ValidateAuthCode xmlns="http://cm.2fa.com/"> <username>string</username> <domain>string</domain> <authCode>string</authCode> <apiKey>string</apiKey> </ValidateAuthCode> </soap12:Body> </soap12:Envelope>'
<soap12:Body> <ValidateAuthCode xmlns="http://cm.2fa.com/"> <username>string</username> <domain>string</domain> <authCode>string</authCode> <apiKey>string</apiKey> </ValidateAuthCode> </soap12:Body>
HTTP/1.1 200 OK Content-Type: application/soap+xml; charset=utf-8 Content-Length: length <?xml version="1.0" encoding="utf-8"?> <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <ValidateAuthCodeResponse xmlns="http://cm.2fa.com/"> <ValidateAuthCodeResult>boolean</ValidateAuthCodeResult> </ValidateAuthCodeResponse> </soap12:Body> </soap12:Envelope>
Validate Authentication Token
A SOAP call to determine whether a user authentication token is valid. The response returns a boolean with respect to the code, with True indicating a valid token and False indicating an invalid token.
POST /ValidateService.asmx
curl --request POST \ --url http://<MFAServerHostname>/ValidateService.asmx \ --header 'content-type: text/xml' \ --data '<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <ValidateAuthToken xmlns="http://cm.2fa.com/"> <username>string</username> <domain>string</domain> <authToken>string</authToken> <apiKey>string</apiKey> </ValidateAuthToken> </soap12:Body> </soap12:Envelope>'
<soap12:Body> <ValidateAuthToken xmlns="http://cm.2fa.com/"> <username>string</username> <domain>string</domain> <authToken>string</authToken> <apiKey>string</apiKey> </ValidateAuthToken> </soap12:Body>
HTTP/1.1 200 OK Content-Type: application/soap+xml; charset=utf-8 Content-Length: length <?xml version="1.0" encoding="utf-8"?><soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <ValidateAuthTokenResponse xmlns="http://cm.2fa.com/"> <ValidateAuthTokenResult>boolean</ValidateAuthTokenResult> </ValidateAuthCodeResponse> </soap12:Body> </soap12:Envelope>
Validate Card
A SOAP call to determine whether a card is valid. The response returns a boolean with respect to the card, with True indicating a valid card and False indicating an invalid card.
POST /ValidateService.asmx
curl --request POST \ --url http://<MFAServerHostname>/ValidateService.asmx \ --header 'content-type: text/xml' \ --data '<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <ValidateCard xmlns="http://cm.2fa.com/"> <username>string</username> <domain>string</domain> <cardInformation>string</cardInformation> <pin>string</pin> <apiKey>string</apiKey> </ValidateCard> </soap12:Body> </soap12:Envelope>'
<soap12:Body> <ValidateCard xmlns="http://cm.2fa.com/"> <username>string</username> <domain>string</domain> <cardInformation>string</cardInformation> <pin>string</pin> <apiKey>string</apiKey> </ValidateCard> </soap12:Body>
HTTP/1.1 200 OKContent-Type: application/soap+xml; charset=utf-8 Content-Length: length <?xml version="1.0" encoding="utf-8"?> <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <ValidateCardResponse xmlns="http://cm.2fa.com/"> <ValidateCardResult>boolean</ValidateCardResult> </ValidateCardResponse> </soap12:Body> </soap12:Envelope>
Validate OTP
A SOAP call to determine whether a one-time password is valid. The response returns a boolean with respect to the OTP, with True indicating a valid OTP and False indicating an invalid OTP.
POST /ValidateService.asmx
curl --request POST \ --url http://<MFAServerHostname>/ValidateService.asmx \ --header 'content-type: text/xml' \ --data '<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <ValidateOTP xmlns="http://cm.2fa.com/"> <username>string</username> <domain>string</domain> <OTP>string</OTP> <apiKey>string</apiKey> </ValidateOTP> </soap12:Body> </soap12:Envelope>'
<soap12:Body> <ValidateOTP xmlns="http://cm.2fa.com/"> <username>string</username> <domain>string</domain> <OTP>string</OTP> <apiKey>string</apiKey> </ValidateOTP> </soap12:Body>
HTTP/1.1 200 OK Content-Type: application/soap+xml; charset=utf-8 Content-Length: length <?xml version="1.0" encoding="utf-8"?> <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <ValidateOTPResponse xmlns="http://cm.2fa.com/"> <ValidateOTPResult>boolean</ValidateOTPResult> </ValidateOTPResponse> </soap12:Body> </soap12:Envelope>
Validate Push
A SOAP call to determine whether PingMe is valid with respect to the username and the domain. The value loginTo indicates the endpoint to which the user lands after successful authentication (e.g. Portal).
The response returns a boolean, with True indicating PingMe is valid and False indicating PingMe is not valid.
POST /ValidateService.asmx
curl --request POST \ --url http://<MFAServerHostname>/ValidateService.asmx \ --header 'content-type: text/xml' \ --data '<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <ValidateOTP xmlns="http://cm.2fa.com/"> <username>string</username> <domain>string</domain> <OTP>string</OTP> <apiKey>string</apiKey> </ValidateOTP> </soap12:Body> </soap12:Envelope>'
<soap12:Body> <ValidatePush xmlns="http://cm.2fa.com/"> <username>string</username> <domain>string</domain> <loginTo>string</loginTo> <ipAddress>string</ipAddress> <apiKey>string</apiKey> </ValidatePush> </soap12:Body>
HTTP/1.1 200 OK Content-Type: application/soap+xml; charset=utf-8 Content-Length: length <?xml version="1.0" encoding="utf-8"?> <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <ValidatePushResponse xmlns="http://cm.2fa.com/"> <ValidatePushResult>boolean</ValidatePushResult> </ValidatePushResponse> </soap12:Body> </soap12:Envelope>
Validate Push Custom
A SOAP call to determine whether PingMe is valid with respect to the username and the domain, however, it differs from Validate Push in two ways: a customMessage and customTimeout can be included, and the loginTo element is not required; Validate Push Custom replaces the default Validate Push text with admin-defined text.
The response returns a boolean, with True indicating Push Custom is valid and False indicating Push Custom is not valid.
POST /ValidateService.asmx
curl --request POST \ --url http://<MFAServerHostname>/ValidateService.asmx \ --header 'content-type: text/xml' \ --data '<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <ValidatePushCustom xmlns="http://cm.2fa.com/"> <username>string</username> <domain>string</domain> <customMessage>string</customMessage> <customTimeout>string</customTimeout> <apiKey>string</apiKey> </ValidatePushCustom> </soap12:Body> </soap12:Envelope>'
<soap12:Body> <ValidatePushCustom xmlns="http://cm.2fa.com/"> <username>string</username> <domain>string</domain> <customMessage>string</customMessage> <customTimeout>string</customTimeout> <apiKey>string</apiKey> </ValidatePushCustom> </soap12:Body>
HTTP/1.1 200 OK Content-Type: application/soap+xml; charset=utf-8 Content-Length: length <?xml version="1.0" encoding="utf-8"?> <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> <soap12:Body> <ValidatePushCustomResponse xmlns="http://cm.2fa.com/"> <ValidatePushCustomResult>boolean</ValidatePushCustomResult> </ValidatePushCustomResponse> </soap12:Body> </soap12:Envelope>