Is there an API call to find out the token type if PIN and USER is known?

I could not find it in the docs but maybe I missed it. If I know the PIN and the user. Can I find out which token type this is via an API call?

I am asking this for a consistent behavior of the pam module:

  • First step is asking the PIN code
  • Depending on the token type we can present a different authentication/question.

Hey @basvandervlies

If you add the authentication policy “challenge_response” and enter the token types, you want to use.
Now you can do a simple /validate/check with user and pass. You’ll get the response “type”.

After that you can use your token with the trigger challenge you got.

Hope it helps (:

Hi @Mipronimo,

Thanks it took me a while to decrypt but we have added totp to the challenge_response in the authentication policy on the web server and we no get what we want :wink:

So now I can ask for the pin code of the TOTP/TIQR token:

  • totp enter the digit code
  • tiqr scan the QRcode