Domain URL: https://a.authsafe.ai/v1
Headers:"authorization: Basic {API KEY}"
"content-type: application/json
API Key:
API KEY = BASE64 (PROPERTYID:PROPERTYSECRET)
PROPERTYID: The Property ID can be obtained from Settings > API Keys
PROPERTYSECRET: Property Secret can be obtained from Settings > API Keys
Now, the login attempt and reset password attempt calls:
Login Attempt:
URL: https://a.authsafe.ai/v1/login
Request parameters to be sent in JSON encoded format.
| Field | Description |
| user’s email address. | |
| username | user’s username. |
| h | an array with host of values as follows: ip = IP Address ua = User Agent string ho = HTTP_HOST string rf = HTTP_REFERER string ac = HTTP ACCEPT information a = HTTP_ACCEPT string ac = HTTP_ACCEPT_CHARSET string ae = HTTP_ACCEPT_ENCODING string al = HTTP_ACCEPT_LANGUAGE url = current page’s url |
| ev | This can have two values: login_succeeded, login_failed |
| uID | This argument must have the user’s unique identification it can be a User ID, User Email, user token, or any alphanumeric code that is unique to the user and is static over all his sessions. |
| dID | The device ID value taken from javascript in Phase II point 1) above. |
| uex | User’s extra information. This will be in array/dictionary format as follows |
RESPONSE:
The RESPONSE will be in JSON format with the following values:
| allow | Allow the user to log in |
| challenge | User has shown some suspicious activities. You can let them know by sending an email about the activity and asking them some queries to confirm if it is them or giving some challenge. |
| deny | The user’s device is compromised had to be denied login. The user must verify the device physically or via email or phone number to login. |