Set to the access token you generated using the Generate Token API. When you want to simply authenticate a user in OneLogin and MFA is required, you can just treat the token returned by the Verify Factor API in the 200 OK - Success message as a confirmation that the user has been authenticated. When MFA is required, the Create Session Login Token API works in close conjunction with the Verify Factor API call. You can perform delegated authentication with or without MFA. Likewise, you can use the 401 - Unauthorized status code to indicate that a user could not be authenticated. In delegated authentication, you treat the token returned in the 200 OK - Success message as a confirmation that the user has been authenticated, but you do not use the session token itself. You can also use this API to delegate authentication of a user to OneLogin without starting a OneLogin session.
For detailed usage flows and examples that illustrate how to use this API to log a user in, see Logging a User in Via API.
0 kommentar(er)
