Create authenticator API
https://api.alert.alertinghub.co.uk/api/json/createauth
The create authenticator API allows you to create a Google-Authenticator style TOTP compliant authentication secret. As part of the creation you can ask Alerting Hub to send you the generated secret and also a QR code that you can then display or send to people as required. In addition you can also ask Alerting Hub to track the created code and subsequently use the check authenticator API call to see if the code someone has entered is valid.
Once you have created a tracked authenticator you can also, optionally, use that when sending shortlinks to recipients; you can either get Alerting Hub to display the QR code when the shortlink is clicked, or get the recipient to provide a valid code when they click the link before the link is then action properly.
JSON sample
{
"version": "latest",
"apiKey": "abcdefghijklmnopqrstuvwxyz",
"label" : "MyTest2",
"issuer" : "AcmeTrading",
"returnSecret" : true,
"returnQRCode" : true,
"keepTrack" : true
}
API parameters
| Parameter | Requirement | Default | Description |
|---|---|---|---|
| version | Mandatory | None | See API guide |
| apiKey | Mandatory | None | See API guide |
| issuer | Mandatory | None | The issuer string to use, this is the main name shown on the Google Authenticator app. |
| label | Mandatory | None | The label string to use, this is the name shown (usually in brackets) on the Google Authenticator app. |
| returnSecret | Optional | false | Whether to return the secret or not. |
| returnQRCode | Optional | false | Whether to return a html compliant string that can be used in an img tag to show a bar code. |
| keepTrack | Optional | false | Whether to AlertingHub should keep track of this authenticator, allowing you to check authentication codes by just specifying the code, issuer and label. |
Response
| Parameter | Description |
|---|---|
| success | One of “true”, “false”. If false then failureReason should also be returned. |
| info | Object containing return information about the authenticator. |
| issuer | The issuer specified in the original API call. |
| label | The label specified in the original API call. |
| secretBase32 | If returnSecret was specified then this will contain a base32 encoded version of the secret. |
| qrCode | If returnQRCode was specified then this will contain a string in an html img compliant format for display in emails, web-pages and so forth. |