# Identifier Service

Authentication service for Insly

Version: 1.0

## Servers

```
/api/v1/identifier
```

## Security

### BearerToken

Type: apiKey
In: header
Name: Authorization

### OAuth2Implicit

Type: oauth2
Authorization URL: /login/:tenant_tag
Scopes:
- `aws.cognito.signin.user.admin`:  Grants read and write access to administrative information

## Download OpenAPI description

[Identifier Service](https://ledger.docs.insly.com/_bundle/apis/identifier/swagger.yaml)

## Authentication

### respond-to-challenge

 - [POST /auth/challenge/{tenant_tag}](https://ledger.docs.insly.com/apis/identifier/swagger/authentication/respond-to-challenge.md): In case asked for a challenge, use it to respond.

### login

 - [POST /login/{tenant_tag}](https://ledger.docs.insly.com/apis/identifier/swagger/authentication/login.md): Authenticates user and returns tokens or challenge in case of success.

### logout

 - [POST /logout/{tenant_tag}](https://ledger.docs.insly.com/apis/identifier/swagger/authentication/logout.md): log out

### disable-totp

 - [POST /mfa/totp/disable](https://ledger.docs.insly.com/apis/identifier/swagger/authentication/disable-totp.md): disable TOTP for user

### enable-totp

 - [POST /mfa/totp/enable](https://ledger.docs.insly.com/apis/identifier/swagger/authentication/enable-totp.md): enable TOTP for user

### verify-totp

 - [POST /mfa/totp/verify](https://ledger.docs.insly.com/apis/identifier/swagger/authentication/verify-totp.md): verify TOTP for user

### force-reset-password

 - [POST /password/force_reset/{tenant_tag}](https://ledger.docs.insly.com/apis/identifier/swagger/authentication/force-reset-password.md): force reset password for user

### forgot-password

 - [POST /password/reset/{tenant_tag}](https://ledger.docs.insly.com/apis/identifier/swagger/authentication/forgot-password.md): Start a forgot password process

### confirm-forgot-password

 - [POST /password/update/{tenant_tag}](https://ledger.docs.insly.com/apis/identifier/swagger/authentication/confirm-forgot-password.md): Provide the confirmation code and update password

### client-token

 - [POST /token/client/{tenant_tag}](https://ledger.docs.insly.com/apis/identifier/swagger/authentication/client-token.md): Generate an access token for app client

### get-user-info-old

 - [GET /user](https://ledger.docs.insly.com/apis/identifier/swagger/authentication/get-user-info-old.md): get user's identity using access token. This is the previous version which fetches the data from Cognito

### get-user-info

 - [GET /user/{tenant_tag}](https://ledger.docs.insly.com/apis/identifier/swagger/authentication/get-user-info.md): get user's identity using access token and tenant, either from DB or from Cognito

## Token

### refresh-token

 - [POST /token/refresh/{tenant_tag}](https://ledger.docs.insly.com/apis/identifier/swagger/token/refresh-token.md): refresh AccessToken

### validate-token

 - [POST /token/validate/{tenant_tag}](https://ledger.docs.insly.com/apis/identifier/swagger/token/validate-token.md): Parses and validates the token