PingOne Platform APIs

Create MFA User Device for testing

   

POST {{apiPath}}/environments/{{envID}}/users/{{userID}}/devices

To simplify automated testing of your applications, you can create dedicated testing devices. When you use the API to send authentication requests to such a device, the OTP is not sent to the actual device, but instead is returned as part of the body of the response.

This sample request creates such a testing device by setting testMode to true in the body of the request.

Note that you can only specify a device as a testing device if the type of the device is set to EMAIL, SMS, or VOICE.

For dedicated testing devices, the response to authentication requests includes the OTP value in the field test.otp.

Note that in the body of this request, status is set to ACTIVATION_REQUIRED, so in this case, test.otp is included in the body of the response.

Request Model
Property Type Required?

type

String

Required

testMode

Boolean

Required

status

String

Required

policy.id

String

Optional

block.status

String

Optional

block.blockedAt

Date

Optional

lock.status

String

Optional

lock.expiresAt

Date

Optional

policy.id

String

Optional

policy.type

String

Optional

nickname

String

Optional

Refer to the Device properties data model for full property descriptions.

Refer to the Create User Device requests for Email, SMS, and Voice for properties related to those device types.

Headers

Authorization      Bearer {{accessToken}}

Content-Type      application/json

Body

raw ( application/json )

{
    "type": "SMS",
    "phone": "+14135550150",
    "testMode": true,
    "status": "ACTIVATION_REQUIRED",
    "policy": {
        "id": "{{deviceAuthenticationPolicyID}}"
    }
}

Example Request

  • cURL

  • C#

  • Go

  • HTTP

  • Java

  • jQuery

  • NodeJS

  • Python

  • PHP

  • Ruby

  • Swift

curl --location --globoff '{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
    "type": "SMS",
    "phone": "+14135550150",
    "testMode": true,
    "status": "ACTIVATION_REQUIRED",
    "policy": {
        "id": "{{deviceAuthenticationPolicyID}}"
    }
}'
var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices")
{
  MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@"    ""type"": ""SMS""," + "\n" +
@"    ""phone"": ""+14135550150""," + "\n" +
@"    ""testMode"": true," + "\n" +
@"    ""status"": ""ACTIVATION_REQUIRED""," + "\n" +
@"    ""policy"": {" + "\n" +
@"        ""id"": ""{{deviceAuthenticationPolicyID}}""" + "\n" +
@"    }" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);
package main

import (
  "fmt"
  "strings"
  "net/http"
  "io"
)

func main() {

  url := "{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices"
  method := "POST"

  payload := strings.NewReader(`{
    "type": "SMS",
    "phone": "+14135550150",
    "testMode": true,
    "status": "ACTIVATION_REQUIRED",
    "policy": {
        "id": "{{deviceAuthenticationPolicyID}}"
    }
}`)

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("Authorization", "Bearer {{accessToken}}")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}
POST /environments/{{envID}}/users/{{userID}}/devices HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}

{
    "type": "SMS",
    "phone": "+14135550150",
    "testMode": true,
    "status": "ACTIVATION_REQUIRED",
    "policy": {
        "id": "{{deviceAuthenticationPolicyID}}"
    }
}
OkHttpClient client = new OkHttpClient().newBuilder()
  .build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n    \"type\": \"SMS\",\n    \"phone\": \"+14135550150\",\n    \"testMode\": true,\n    \"status\": \"ACTIVATION_REQUIRED\",\n    \"policy\": {\n        \"id\": \"{{deviceAuthenticationPolicyID}}\"\n    }\n}");
Request request = new Request.Builder()
  .url("{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices")
  .method("POST", body)
  .addHeader("Content-Type", "application/json")
  .addHeader("Authorization", "Bearer {{accessToken}}")
  .build();
Response response = client.newCall(request).execute();
var settings = {
  "url": "{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices",
  "method": "POST",
  "timeout": 0,
  "headers": {
    "Content-Type": "application/json",
    "Authorization": "Bearer {{accessToken}}"
  },
  "data": JSON.stringify({
    "type": "SMS",
    "phone": "+14135550150",
    "testMode": true,
    "status": "ACTIVATION_REQUIRED",
    "policy": {
      "id": "{{deviceAuthenticationPolicyID}}"
    }
  }),
};

$.ajax(settings).done(function (response) {
  console.log(response);
});
var request = require('request');
var options = {
  'method': 'POST',
  'url': '{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices',
  'headers': {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer {{accessToken}}'
  },
  body: JSON.stringify({
    "type": "SMS",
    "phone": "+14135550150",
    "testMode": true,
    "status": "ACTIVATION_REQUIRED",
    "policy": {
      "id": "{{deviceAuthenticationPolicyID}}"
    }
  })

};
request(options, function (error, response) {
  if (error) throw new Error(error);
  console.log(response.body);
});
import requests
import json

url = "{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices"

payload = json.dumps({
  "type": "SMS",
  "phone": "+14135550150",
  "testMode": True,
  "status": "ACTIVATION_REQUIRED",
  "policy": {
    "id": "{{deviceAuthenticationPolicyID}}"
  }
})
headers = {
  'Content-Type': 'application/json',
  'Authorization': 'Bearer {{accessToken}}'
}

response = requests.request("POST", url, headers=headers, data=payload)

print(response.text)
<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
  'follow_redirects' => TRUE
));
$request->setHeader(array(
  'Content-Type' => 'application/json',
  'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n    "type": "SMS",\n    "phone": "+14135550150",\n    "testMode": true,\n    "status": "ACTIVATION_REQUIRED",\n    "policy": {\n        "id": "{{deviceAuthenticationPolicyID}}"\n    }\n}');
try {
  $response = $request->send();
  if ($response->getStatus() == 200) {
    echo $response->getBody();
  }
  else {
    echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
    $response->getReasonPhrase();
  }
}
catch(HTTP_Request2_Exception $e) {
  echo 'Error: ' . $e->getMessage();
}
require "uri"
require "json"
require "net/http"

url = URI("{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices")

http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
  "type": "SMS",
  "phone": "+14135550150",
  "testMode": true,
  "status": "ACTIVATION_REQUIRED",
  "policy": {
    "id": "{{deviceAuthenticationPolicyID}}"
  }
})

response = http.request(request)
puts response.read_body
let parameters = "{\n    \"type\": \"SMS\",\n    \"phone\": \"+14135550150\",\n    \"testMode\": true,\n    \"status\": \"ACTIVATION_REQUIRED\",\n    \"policy\": {\n        \"id\": \"{{deviceAuthenticationPolicyID}}\"\n    }\n}"
let postData = parameters.data(using: .utf8)

var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/users/{{userID}}/devices")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")

request.httpMethod = "POST"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in
  guard let data = data else {
    print(String(describing: error))
    return
  }
  print(String(data: data, encoding: .utf8)!)
}

task.resume()

Example Response

201 Created

{
    "_links": {
        "self": {
            "href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/users/b30ac647-e33e-464f-a6ea-0275082d4c26/devices/e749a05e-df11-47e0-97d7-109dfd37d43a"
        },
        "environment": {
            "href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
        },
        "user": {
            "href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/users/b30ac647-e33e-464f-a6ea-0275082d4c26"
        },
        "device.activate": {
            "href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/users/b30ac647-e33e-464f-a6ea-0275082d4c26/devices/e749a05e-df11-47e0-97d7-109dfd37d43a"
        }
    },
    "id": "e749a05e-df11-47e0-97d7-109dfd37d43a",
    "environment": {
        "id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
    },
    "user": {
        "id": "b30ac647-e33e-464f-a6ea-0275082d4c26"
    },
    "type": "SMS",
    "status": "ACTIVATION_REQUIRED",
    "test": {
        "otp": "288161"
    },
    "createdAt": "2022-09-22T13:29:12.548Z",
    "updatedAt": "2022-09-22T13:29:12.548Z",
    "phone": "+14135550150",
    "testMode": true
}