Security
      Back to home
      1. ioGates Knowledge Base & Help Center
      2. API
      3. Security

      The ioGates Two Factor Auth API

      Master the Two-Factor Auth API in ioGates to enhance security through SMS verification, detailing the steps for initiating two-factor authentication, prompting for codes, and verifying user access.

      Two-Factor Authentication Workflow

      Two-factor authentication (2FA) in ioGates ensures an additional layer of security for accessing shared content. The process is designed to be straightforward, requiring verification only once per token/deviceId combination, utilizing SMS as the primary method.

      Initiating Two-Factor Authentication

      • Endpoint: /api/apiauth/twofactorsms/{token}
      • Method: GET

      • Authorisation: A Bearer token is required, which is obtained from the auth token API.
        Example:

        Authorisation: Bearer 123-BodrEJHrC43KejPcM0nzTl05gUMi3i8ruzGN

      • Functionality: This step triggers an SMS text message to the user's registered mobile number containing the 2FA code needed for verification.

      Response Details

      • HTTP Status 200
      • message: Provides feedback on the initiation process.
      • type: Indicates the 2FA method, which is currently set to SMS.
      • auth_required: A boolean value that confirms whether 2FA is needed.
      • expiry: The expiration date and time of the SMS 2FA code, formatted in ISO-8601.

      Verifying Two-Factor Code

      • Endpoint for Verification: /api/apiauth/twofactorsms/{token}
      • Method: GET
      • Request Format: Form URL-encoded, including the authcode parameter, which is the 2FA code received via SMS.

      Response to Verification


      HTTP Status Codes      :
      • 200: Code accepted.
      • 400: Bad request, possibly due to a missing code.
      • 401: Rejected due to the wrong code.
      • 403: Rejection due to no pending codes, indicating possible expiry.
      • 404: No codes available for verification.

      Response JSON Body

      message:   Information on result

      Enhancing Security with 2FA

      Implementing 2FA via the ioGates API not only elevates the security of accessing shared files and folders but also assures users of a safe and secure environment for their digital content. By integrating this additional verification step, ioGates reinforces its commitment to providing a robust and secure platform for cloud-based file management and collaboration.