MFA Authentication Code

application.id

String

Required

Mutable

The ID of a mobile application for which the code is valid; only the specified mobile application can scan the QR code.

clientContext

String

Optional

Mutable

An ObjectNode that provides relevant information to the mobile application that can be shown to application users. For example, Do you want to approve this transaction?. For more information, refer to Create Authentication Code.

lifeTime.duration

Integer

Optional

Mutable

The length of time for this authentication code to be valid. The minimum value is 10 seconds; the maximum value is 30 minutes; the default is 1 minute. If the lifeTime.duration property is set, a value for lifeTime.timeUnit is required.

lifeTime.timeUnit

String

Optional

Mutable

The time unit for the lifeTime.duration property. Options are SECONDS and MINUTES. If the lifeTime.timeUnit property is set, a value for lifeTime.duration is required.

userApproval

String

Optional

Mutable

Whether the mobile device must verify that the user approves the authentication with the scanned code. Options are REQUIRED and NOT_REQUIRED.

code

String

N/A

Read-only

The authentication code. The code is eight characters in length, and it can include numbers and uppercase letters.

createdAt

Date

N/A

Read-only

When the resource was created.

environment.id

String

N/A

Read-only

The environment’s unique identifier.

expiresAt

Date

N/A

Read-only

The expiration time of authentication code.

id

String

N/A

Read-only

The resource’s unique identifier.

status

String

N/A

Read-only

The status of the authentication code. Options are UNCLAIMED, CLAIMED, EXPIRED, DENIED, and COMPLETED. The EXPIRED status is active for 5 minutes after the code is no longer valid.

updatedAt

Date

N/A

Read-only

When the resource was last updated.

uri

String

N/A

Read-only

A universal link (for example, https://www.example.com/pingonesdk?authentication_code={{generated token}}). This property can also set a link to a schema application (for example, pingoneapp://pingonesdk?authentication_code={{generated token}}). If a universal link or schema application link is not set, the response does not include the pingonesdk?authentication_code={{generated token}} portion of the URL.

user.id

UUID

N/A

Read-only

The unique identifier of the authenticated user.

_embedded.device.otpStatus.status

String

N/A

Read-only

Whether or not the device can be used currently for OTP-based authentication. Value returned is ENABLED or DISABLED. Relevant only for devices where type is MOBILE.

_embedded.device.otpStatus.reason

String

N/A

Read-only

If the status is DISABLED, contains the reason that the device cannot be used for OTP-based authentication, for example, that the application used a version of the MFA SDK that does not support OTP. Relevant only for devices where type is MOBILE.

_embedded.device.pushStatus.status

String

N/A

Read-only

Whether or not the device can be used currently for push-based authentication. Value returned is ENABLED or DISABLED. Relevant only for devices where type is MOBILE.

_embedded.device.pushStatus.reason

String

N/A

Read-only

If the status is DISABLED, contains the reason that the device cannot be used for push-based authentication, for example, that the push option was disabled for the application in the MFA policy. Relevant only for devices where type is MOBILE.

_embedded.device.usableStatus.status

String

N/A

Read-only

Whether or not the device can be used currently for authentication. Value returned is ENABLED or DISABLED.

_embedded.device.usableStatus.reason

String

N/A

Read-only

If the status is DISABLED, contains the reason that the device cannot be used for authentication, for example, that the defined daily notifications limit has already been reached.