Default HTTP API Endpoints
Nevis Mobile Authentication exposes several HTTP API endpoints that are relevant for authentication clients. Because Nevis is highly flexible with regard to configuration, the following information is based on defaults and recommendations.
Identity Suite
The following endpoints are exposed when using the default nevisAdmin4 patterns in the Identity Suite:
Public URL | HTTP Method | Authorization / Authentication | Used by App / SDK | Admin4 pattern |
---|---|---|---|---|
https://{domain}/auth/fidouaf | POST | ❌ None | ✅ | In-Band Mobile Authentication Realm, Transaction Confirmation, Out-of-band Mobile Authentication |
https://{domain}/auth/fidouaf/authenticationresponse/ | POST | ❌ None | ✅ | In-Band Mobile Authentication Realm, Transaction Confirmation, Out-of-band Mobile Authentication |
https://{domain}/nevisfido/uaf/1.1/request/registration/ | POST | ✅ Cookie / SecToken / JWT | ❌ | In-Band Mobile Authentication Service, Out-of-band Mobile Onboarding |
https://{domain}/nevisfido/uaf/1.1/request/deregistration/ | POST | ✅ FIDO UAF / ✅ JWS | ✅ | Mobile Deregistration Service |
https://{domain}/nevisfido/uaf/1.1/registration/ | POST | ❌ None | ✅ | Out-of-band Mobile Registration Service |
https://{domain}/nevisfido/uaf/1.1/facets | GET | ❌ None | ✅ | In-Band Mobile Authentication Realm, Out-of-band Mobile Registration Service, In-band Mobile Registration Service |
https://{domain}/nevisfido/token/redeem/registration/ | GET | ❌ None | ✅ | Out-of-band Mobile Registration Service |
https://{domain}/nevisfido/token/dispatch/registration/ | POST | ✅ non-FIDO UAF | ❌ | Out-of-band Mobile Registration Service |
https://{domain}/nevisfido/token/redeem/authentication/ | GET | ❌ None | ✅ | Out-of-band Mobile Authentication, Transaction Confirmation |
https://{domain}/nevisfido/token/dispatch/targets/ | PATCH | ✅ JWS | ✅ | Out-of-band Mobile Registration Service |
https://{domain}/nevisfido/devices/credentials/{deviceId} | GET | ✅ JWS | ✅ | nevisFIDO UAF Device Service |
https://{domain}/nevisfido/devices/credentials/{deviceId} | PATCH | ✅ JWS | ✅ | nevisFIDO UAF Device Service |
https://{domain}/nevisfido/devices/credentials/{deviceId} | DELETE | ✅ JWS | ✅ | nevisFIDO UAF Device Service |
https://{domain}/nevisfido/devices/oobOperations/{deviceId} | GET | ✅ JWS | ✅ | nevisFIDO UAF Device Service |
https://{domain}/nevisfido/status | POST | ❌ None | ❌ | In-Band Mobile Authentication Realm, Out-of-band Mobile Registration Service, Transaction Confirmation |
Authentication Cloud
The following endpoints are used by the Nevis Access App or SDK when using the Nevis Authentication Cloud. Detailed documentation for the Nevis Authentication Cloud HTTP API endpoints that are not used by the Access App and SDK can be found in the Authentication Cloud documentation.
Public URL | HTTP Method | Authorization / Authentication |
---|---|---|
https://{domain}/_app/uaf/1.1/request/authentication/ | POST | ❌ None |
https://{domain}/_app/uaf/1.1/authentication/ | POST | ❌ None |
https://{domain}/_app/uaf/1.1/registration/ | POST | ❌ None |
https://{domain}/_app/uaf/1.1/facets | GET | ❌ None |
https://{domain}/_app/token/redeem/authentication/ | GET | ❌ None |
https://{domain}/_app/token/redeem/registration/ | GET | ❌ None |
https://{domain}/_app/token/dispatch/targets/ | PATCH | ✅ JWS |
https://{domain}/_app/devices/credentials/{deviceId} | GET | ✅ JWS |
https://{domain}/_app/devices/credentials/{deviceId} | PATCH | ✅ JWS |
https://{domain}/_app/devices/credentials/{deviceId} | DELETE | ✅ JWS |
https://{domain}/_app/devices/oobOperations/{deviceId} | GET | ✅ JWS |
nevisFIDO component
The following endpoints are exposed by the nevisFIDO component. For a working setup based on these defaults, set up a matching configuration in the other Nevis Mobile Authentication components: nevisProxy, nevisAuth, and nevisLogrend.
Refer to the Use Cases and Best Practices documentation in this guide for complete information on how to configure Nevis Mobile Authentication. Configuration snippets are provided there as well.
FIDO UAF endpoints
Public URL | HTTP Method | Recommended Authorization / Authentication |
---|---|---|
/nevisfido/uaf/1.1/request/registration | POST | ✅ non-FIDO UAF |
/nevisfido/uaf/1.1/request/deregistration | POST | ✅ FIDO UAF |
/nevisfido/uaf/1.1/request/authentication | POST | ❌ None |
/nevisfido/uaf/1.1/registration | POST | ❌ None |
/nevisfido/uaf/1.1/authentication | POST | ❌ None |
/nevisfido/uaf/1.1/facets | GET | ❌ None |
Dispatch token endpoints
Public URL | HTTP Method | Recommended Authorization / Authentication |
---|---|---|
/nevisfido/token/dispatch/authentication | POST | ❌ None |
/nevisfido/token/dispatch/registration | POST | ✅ non-FIDO UAF |
/nevisfido/token/dispatch/deregistration | POST | ✅ FIDO UAF |
Dispatch target endpoints
Public URL | HTTP Method | Recommended Authorization / Authentication |
---|---|---|
/nevisfido/token/dispatch/targets | GET | ✅ Should not be exposed to external clients (only used by nevisAuth) |
/nevisfido/token/dispatch/targets/ | POST | ✅ FIDO UAF |
/nevisfido/token/dispatch/targets/<id> | PATCH | ✅ JWS |
/nevisfido/token/dispatch/targets/<id> | DELETE | ✅ FIDO UAF |
Create token endpoints
Public URL | HTTP Method | Recommended Authorization / Authentication |
---|---|---|
/nevisfido/token/create/registration | POST | ✅ Password |
/nevisfido/token/create/authentication | POST | ❌ None |
/nevisfido/token/create/deregistration | POST | ✅ Password |
Redeem token endpoints
Public URL | HTTP Method | Recommended Authorization / Authentication |
---|---|---|
/nevisfido/token/redeem/registration | POST | ❌ None |
/nevisfido/token/redeem/authentication | POST | ❌ None |
/nevisfido/token/redeem/deregistration | POST | ❌ None |
Status endpoint
Public URL | HTTP Method | Recommended Authorization / Authentication |
---|---|---|
/nevisfido/status | POST | ❌ None |
Device endpoints
Public URL | HTTP Method | Recommended Authorization / Authentication |
---|---|---|
/nevisfido/devices/credentials/{deviceId} | GET | ✅ JWS |
/nevisfido/devices/credentials/{deviceId} | PATCH | ✅ JWS |
/nevisfido/devices/credentials/{deviceId} | DELETE | ✅ JWS |
/nevisfido/devices/oobOperations/{deviceId} | GET | ✅ JWS |