Activate MFA User Device (OATH token)
POST {{apiPath}}/environments/{{envID}}/users/{{userID}}/devices/{{deviceID}}This example uses the devices endpoint to activate an OATH token device:
{{apiPathTest}}/environments/{{envID}}/users/{{userID}}/devices/{{deviceID}}
Devices with a status of ACTIVATION_REQUIRED are activated using a valid one-time password (OTP) that was sent to the user.
In addition to the otp parameter, which is used for activation of all device types, this example includes the OATH token-specific parameter oathResync. When this parameter is set to true, it instructs PingOne to resync the OATH token that is to be activated if a resync is required.
If a resync is necessary, the response to the activation request is an error message indicating that you must provide an additional OTP to complete the process (refer to the response for this example.) When this message is returned, run the activate request again, this time including the next OTP for the token as well as the oathResync parameter. This second request completes the pairing process, and the status of the device is changed to ACTIVE.
Note that for activation requests, the Content-Type header must be set to application/vnd.pingidentity.device.activate+json.
Request Model
| Property | Type | Required? |
|---|---|---|
|
String |
Required |
|
Boolean |
Optional |
Refer to the Device properties data model for full property descriptions.
Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices/{{deviceID}}' \
--header 'Content-Type: application/vnd.pingidentity.device.activate+json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
"otp": "71053192",
"oathResync": true
}'var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices/{{deviceID}}")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/vnd.pingidentity.device.activate+json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@" ""otp"": ""71053192""," + "\n" +
@" ""oathResync"": true" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices/{{deviceID}}"
method := "POST"
payload := strings.NewReader(`{
"otp": "71053192",
"oathResync": true
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/vnd.pingidentity.device.activate+json")
req.Header.Add("Authorization", "Bearer {{accessToken}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /environments/{{envID}}/users/{{userID}}/devices/{{deviceID}} HTTP/1.1
Host: {{apiPath}}
Content-Type: application/vnd.pingidentity.device.activate+json
Authorization: Bearer {{accessToken}}
{
"otp": "71053192",
"oathResync": true
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/vnd.pingidentity.device.activate+json");
RequestBody body = RequestBody.create(mediaType, "{\n \"otp\": \"71053192\",\n \"oathResync\": true\n}");
Request request = new Request.Builder()
.url("{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices/{{deviceID}}")
.method("POST", body)
.addHeader("Content-Type", "application/vnd.pingidentity.device.activate+json")
.addHeader("Authorization", "Bearer {{accessToken}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices/{{deviceID}}",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/vnd.pingidentity.device.activate+json",
"Authorization": "Bearer {{accessToken}}"
},
"data": JSON.stringify({
"otp": "71053192",
"oathResync": true
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices/{{deviceID}}',
'headers': {
'Content-Type': 'application/vnd.pingidentity.device.activate+json',
'Authorization': 'Bearer {{accessToken}}'
},
body: JSON.stringify({
"otp": "71053192",
"oathResync": true
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices/{{deviceID}}"
payload = json.dumps({
"otp": "71053192",
"oathResync": True
})
headers = {
'Content-Type': 'application/vnd.pingidentity.device.activate+json',
'Authorization': 'Bearer {{accessToken}}'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices/{{deviceID}}');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/vnd.pingidentity.device.activate+json',
'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n "otp": "71053192",\n "oathResync": true\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices/{{deviceID}}")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/vnd.pingidentity.device.activate+json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
"otp": "71053192",
"oathResync": true
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"otp\": \"71053192\",\n \"oathResync\": true\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices/{{deviceID}}")!,timeoutInterval: Double.infinity)
request.addValue("application/vnd.pingidentity.device.activate+json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
400 Bad Request
{
"id": "b8ee5b23-ac72-4655-bb86-7ba3f6e4a7c1",
"code": "INVALID_DATA",
"message": "The request could not be completed. One or more validation errors were in the request.",
"details": [
{
"code": "EXTRA_OTP_REQUIRED",
"target": "otp",
"message": "An extra OTP is required"
}
]
}