GET v1/Authenticate/2FA

Verifies code for a customer's login operation

URI template

v1/Authenticate/2FA?email={email}&code={code}&rememberMe={rememberMe}&nickname={nickname}

Request Information

URI Parameters

Name	Description	Type	Additional information
email	Email address of the login	string	Required
code	Code obtained through the two factor auth process	string	Required
rememberMe	Whether or not to remember the device used to login	boolean	Default value is False
nickname	Nick name of the device to be remembered	string	Default value is

Body Parameters

None.

Response Information

Resource Description

A Http status code of 200 with access token information and id_token containing customer information base64 encoded are returned if authenticated.
A Http status code of 404 is returned if the code is incorrect or has expired.
A Http status code of 400 is returned if the code and email are not provided and if a nickname is not provided to remember a device with.

ConfirmCodeResult

Name	Description	Type	Additional information
access_token	The token required for all authenticated calls. Expires after expires_in_seconds seconds have elapsed	string	None.
refresh_token	This token is used to request a new access_token when the previous one expires	string	None.
expires_in_seconds	The number of seconds until the access_token expires	decimal number	None.
id_token	Customer information base64 encoded e.g. Id, LoyaltyId etc. This string will always be deserializable as a valid json object and the "path" to CustomerId, LoyaltyId etc. will never change. Making it a string allows us to add extra pieces of information if necessary for folks who might need them, without breaking our contract with everyone else	string	None.

Response Formats

application/json, text/json

Sample:

{
  "access_token": "eyJFbmNyeXB0ZWREYXRhIjoiN1BndHpFbXVTcE1xYUZ2djZlRzFKQUVNUlNDdmtPK1dNWGJVU1diSTlPVVp3bkNGbWlHQ29yWmJTcEdnaUdIdklaR1ZVVFl0eDg0ODM1K1V1MHUxYllRVGhySlo3NUZVN05BYXJwVkxuUGhPRENFd3VDOU9jVFIrV3NHOHZxdnJVRVRCa2dWNnRiS1Z6UllGemhwY0VyNXJwU3NNK2p5MG03VGQvMUJVQXRLVGYzcjVHQVhJL3VVWktUSDlETlc0UXI2WDZrb1V2ekc2dlBuTXVhdXpoUT09IiwiSXYiOiJxMmFwRVY3amZrZy9VUEhWbW5kZmhBVVJqamw1TlUvSXNoSStnM0NaMlZnPSJ9",
  "refresh_token": "eyJFbmNyeXB0ZWREYXRhIjoienNKR1JYb1h0azExNlV3T282SGM0bjc0dTFSYUZwc29KT2dkVm85VnRUST0iLCJJdiI6IlpvWG02WVZtTE5ROVBZVFk1WHd2eWtBdEJRM0pWNE9xMER3YnlZYmo0RlU9In0=",
  "expires_in_seconds": 1800.0,
  "id_token": "eyJDdXN0b21lcklkIjoiOGY1OWU4NGQtMzk5Yi00YjYyLWJiMmMtNTUyYWRkMjExMTZjIiwiTG95YWx0eUlkIjoiIn0="
}

id_token:

Decoded

json query:

Result:

{Results of your json query will appear here}

application/xml, text/xml

Sample:

<ConfirmCodeResult xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.datacontract.org/2004/07/OnlineOrderingAPI.Models.v1.Response">
  <access_token>eyJFbmNyeXB0ZWREYXRhIjoiN1BndHpFbXVTcE1xYUZ2djZlRzFKQUVNUlNDdmtPK1dNWGJVU1diSTlPVVp3bkNGbWlHQ29yWmJTcEdnaUdIdklaR1ZVVFl0eDg0ODM1K1V1MHUxYllRVGhySlo3NUZVN05BYXJwVkxuUGhPRENFd3VDOU9jVFIrV3NHOHZxdnJVRVRCa2dWNnRiS1Z6UllGemhwY0VyNXJwU3NNK2p5MG03VGQvMUJVQXRLVGYzcjVHQVhJL3VVWktUSDlETlc0UXI2WDZrb1V2ekc2dlBuTXVhdXpoUT09IiwiSXYiOiJxMmFwRVY3amZrZy9VUEhWbW5kZmhBVVJqamw1TlUvSXNoSStnM0NaMlZnPSJ9</access_token>
  <expires_in_seconds>1800</expires_in_seconds>
  <id_token>eyJDdXN0b21lcklkIjoiOGY1OWU4NGQtMzk5Yi00YjYyLWJiMmMtNTUyYWRkMjExMTZjIiwiTG95YWx0eUlkIjoiIn0=</id_token>
  <refresh_token>eyJFbmNyeXB0ZWREYXRhIjoienNKR1JYb1h0azExNlV3T282SGM0bjc0dTFSYUZwc29KT2dkVm85VnRUST0iLCJJdiI6IlpvWG02WVZtTE5ROVBZVFk1WHd2eWtBdEJRM0pWNE9xMER3YnlZYmo0RlU9In0=</refresh_token>
</ConfirmCodeResult>