PingDirectory API Reference

Register YubiKey OTP Device

The register YubiKey OTP device extended request, which is heavily based on the RegisterYubiKeyOTPDeviceExtendedRequest class in the LDAP SDK, causes the server to associate a YubiKey device with a user account so it can be used to authenticate that user.

The request body is a JSON object with the following fields:

  • staticPassword

    An optional string field whose value is the static password for the user. If this is provided, then the POST request will not require an Authorization header, as the request will be authorized as the end user. If this is absent, then the request must have an Authorization header, and its associated identity will be used to authorize the request.

  • otp

    A mandatory string field whose value is a one-time password generated by the YubiKey device to be registered with the user’s account.

The response body is a JSON object with the following fields:

  • resultCode

    A mandatory JSON object that contains the following fields:

    • value — The integer value for the LDAP result code. This is required.

    • name — A name for the LDAP result code. This is optional but recommended.

  • diagnosticMessage

    An optional string field that holds a human-readable message with additional information about the operation.