JWT
The JWT method of authentication is ideal for user/client to server applications.
The Basics
The JWT method of authentication is ideal for user/client to server applications. The JWT token can be used in place of all {{access_token}} variables.
To learn more about JWT's and how to use them checkout jwt.io
Multifactor Authentication
After getting a JWT token decode it and look for "user_scope": "mfa_required", if it exists make an additional call with GetUserMfaVerified and the client's one-time password to get validated JWT.
NOTE: The Response will include a Set-Cookie parameter, its important that you send this cookie as a Header on all subsequent requests using the JWT for authorization.
Cookie: ns-1111-DOMAIN=e03580cb66eb5f54a18b041b4944df1
Updated about 1 year ago