Default HTTP API Endpoints
Nevis Mobile Authentication exposes several HTTP API endpoints that are relevant for authentication clients. As Nevis is highly flexible in regards to configuration, the following information is based on defaults and recommendations.
FIDO UAF endpoints
| Public URL | HTTP method | Recommended authorization/authentication |
|---|
/nevisfido/uaf/1.1/request/registration | POST | ✅ non-FIDO UAF |
/nevisfido/uaf/1.1/request/deregistration | POST | ✅ FIDO UAF |
/nevisfido/uaf/1.1/request/authentication | POST | ❌ None |
/nevisfido/uaf/1.1/registration | POST | ❌ None |
/nevisfido/uaf/1.1/authentication | POST | ❌ None |
/nevisfido/uaf/1.1/facets | GET | ❌ None |
Dispatch token endpoints
| Public URL | HTTP method | Recommended authorization/authentication |
|---|
/nevisfido/token/dispatch/authentication | POST | ❌ None |
/nevisfido/token/dispatch/registration | POST | ✅ non-FIDO UAF |
/nevisfido/token/dispatch/deregistration | POST | ✅ FIDO UAF |
Dispatch target endpoints
| Public URL | HTTP method | Recommended authorization/authentication |
|---|
/nevisfido/token/dispatch/targets | GET | ✅ Should not be exposed to external clients (only used by nevisAuth) |
/nevisfido/token/dispatch/targets/ | POST | ✅ FIDO UAF |
/nevisfido/token/dispatch/targets/<id> | PATCH | ✅ JWS |
/nevisfido/token/dispatch/targets/<id> | DELETE | ✅ FIDO UAF |
Create token endpoints
| Public URL | HTTP method | Recommended authorization/authentication |
|---|
/nevisfido/token/create/registration | POST | ✅ Password |
/nevisfido/token/create/authentication | POST | ❌ None |
/nevisfido/token/create/deregistration | POST | ✅ Password |
Redeem token endpoints
| Public URL | HTTP method | Recommended authorization/authentication |
|---|
/nevisfido/token/redeem/registration | POST | ❌ None |
/nevisfido/token/redeem/authentication | POST | ❌ None |
/nevisfido/token/redeem/deregistration | POST | ❌ None |
Status endpoint
| Public URL | HTTP method | Recommended authorization/authentication |
|---|
/nevisfido/status | POST | ❌ None |
The settings in the previous table are built into nevisFIDO as default settings. For a working setup based on these defaults, set up a matching configuration in the other Nevis Mobile Authentication components: nevisProxy,
nevisAuth, and nevisLogrend.
Refer to the Use Cases and Best Practices documentation in this guide for complete information on how to configure Nevis Mobile Authentication. Configuration snippets are provided there as well.