Authenticates a user with a two-step authentication protocol.
- macOS 10.7+
.example .com /checkin
The request object for two-step user authentication.
A UserAuthenticate handshake usually consists of two transactions between client and server. Upon receiving the first request from the client, the server should respond with a 200 status code and a dictionary containing a
Digest key (string).
Digest provided by the server indicates that the server does not require any
Auth to be generated for this user. Otherwise, the client generates a digest from the user's short name, the user's clear-text password and the
Digest value provided by the server. The resulting digest is sent in a second UserAuthenticate request to the server, which validates the response and returns a dictionary that contains an
Auth value that is sent subsequent commands on the user channel (to both the
If the server rejects the
Digest value because of an invalid password, it must return a
200 response and an empty
Auth value. If the server does not want to mange this user, it returns a
410 status code to the initial
User request. The client will not make any additional requests to the server on behalf of this user for the duration of this login session.
The next time the user logs in, the client sends a new request and the server can optionally return
410 again. The
Auth remains valid until the next time the client sends a UserAuthenticate request. The client initiates a handshake each time a mobile or network user logs in.