Default HTTP API Endpoints

Nevis Mobile Authentication exposes several HTTP API endpoints that are relevant for authentication clients. As Nevis is highly flexible in regards to configuration, the following information is based on defaults and recommendations.

Identity Suite

The following endpoints exposed using the default nevisAdmin4 patterns in the Identity Suite:

Public URL	HTTP Method	Authorization / Authentication	Used by App / SDK	Admin4 pattern
`https://{domain}/auth/fidouaf`	POST	❌ None	✅	In-Band Mobile Authentication Realm Transaction Confirmation Out-of-band Mobile Authentication
`https://{domain}/auth/fidouaf/authenticationresponse/`	POST	❌ None	✅	In-Band Mobile Authentication Realm Transaction Confirmation Out-of-band Mobile Authentication
`https://{domain}/nevisfido/uaf/1.1/request/registration/`	POST	✅ Cookie / SecToken / JWT	❌	In-Band Mobile Authentication Service Out-of-band Mobile Onboarding
`https://{domain}/nevisfido/uaf/1.1/request/deregistration/`	POST	✅ FIDO UAF / ✅ JWS	✅	Mobile Deregistration Service
`https://{domain}/nevisfido/uaf/1.1/registration/`	POST	❌ None	✅	Out-of-band Mobile Registration Service
`https://{domain}/nevisfido/uaf/1.1/facets`	GET	❌ None	✅	In-Band Mobile Authentication Realm Out-of-band Mobile Registration Service In-band Mobile Registration Service
`https://{domain}/nevisfido/token/redeem/registration/`	GET	❌ None	✅	Out-of-band Mobile Registration Service
`https://{domain}/nevisfido/token/dispatch/registration/`	POST	✅ non-FIDO UAF	❌	Out-of-band Mobile Registration Service
`https://{domain}/nevisfido/token/redeem/authentication/`	GET	❌ None	✅	Out-of-band Mobile Authentication Transaction Confirmation
`https://{domain}/nevisfido/token/dispatch/targets/`	PATCH	✅ JWS	✅	Out-of-band Mobile Registration Service
`https://{domain}/nevisfido/devices/credentials/{deviceId}`	GET	✅ JWS	✅	nevisFIDO UAF Device Service
`https://{domain}/nevisfido/devices/credentials/{deviceId}`	PATCH	✅ JWS	✅	nevisFIDO UAF Device Service
`https://{domain}/nevisfido/devices/credentials/{deviceId}`	DELETE	✅ JWS	✅	nevisFIDO UAF Device Service
`https://{domain}/nevisfido/devices/oobOperations/{deviceId}`	GET	✅ JWS	✅	nevisFIDO UAF Device Service
`https://{domain}/nevisfido/status`	POST	❌ None	❌	In-Band Mobile Authentication Realm Out-of-band Mobile Registration Service Transaction Confirmation

Authentication Cloud

The following endpoints are used by the Nevis Access App or SDK when using the Nevis Authentication Cloud. The detailed HTTP API documentation for the Nevis Authentication Cloud not used by the Access App and SDK can be found in the Authentication Cloud documentation.

Public URL	HTTP Method	Authorization / Authentication
`https://{domain}/_app/uaf/1.1/request/authentication/`	POST	❌ None
`https://{domain}/_app/uaf/1.1/authentication/`	POST	❌ None
`https://{domain}/_app/uaf/1.1/registration/`	POST	❌ None
`https://{domain}/_app/uaf/1.1/facets`	GET	❌ None
`https://{domain}/_app/token/redeem/authentication/`	GET	❌ None
`https://{domain}/_app/token/redeem/registration/`	GET	❌ None
`https://{domain}/_app/token/dispatch/targets/`	PATCH	✅ JWS
`https://{domain}/_app/devices/credentials/{deviceId}`	GET	✅ JWS
`https://{domain}/_app/devices/credentials/{deviceId}`	PATCH	✅ JWS
`https://{domain}/_app/devices/credentials/{deviceId}`	DELETE	✅ JWS
`https://{domain}/_app/devices/oobOperations/{deviceId}`	GET	✅ JWS

nevisFIDO component

The following endpoints are exposed by the nevisFIDO component. For a working setup based on these defaults, set up a matching configuration in the other Nevis Mobile Authentication components: nevisProxy, nevisAuth, and nevisLogrend.

Refer to the Use Cases and Best Practices documentation in this guide for complete information on how to configure Nevis Mobile Authentication. Configuration snippets are provided there as well.

FIDO UAF endpoints

Public URL	HTTP Method	Recommended Authorization / Authentication
`/nevisfido/uaf/1.1/request/registration`	POST	✅ non-FIDO UAF
`/nevisfido/uaf/1.1/request/deregistration`	POST	✅ FIDO UAF
`/nevisfido/uaf/1.1/request/authentication`	POST	❌ None
`/nevisfido/uaf/1.1/registration`	POST	❌ None
`/nevisfido/uaf/1.1/authentication`	POST	❌ None
`/nevisfido/uaf/1.1/facets`	GET	❌ None

Dispatch token endpoints

Public URL	HTTP Method	Recommended Authorization / Authentication
`/nevisfido/token/dispatch/authentication`	POST	❌ None
`/nevisfido/token/dispatch/registration`	POST	✅ non-FIDO UAF
`/nevisfido/token/dispatch/deregistration`	POST	✅ FIDO UAF

Dispatch target endpoints

Public URL	HTTP Method	Recommended Authorization / Authentication
`/nevisfido/token/dispatch/targets`	GET	✅ Should not be exposed to external clients (only used by nevisAuth)
`/nevisfido/token/dispatch/targets/`	POST	✅ FIDO UAF
`/nevisfido/token/dispatch/targets/<id>`	PATCH	✅ JWS
`/nevisfido/token/dispatch/targets/<id>`	DELETE	✅ FIDO UAF

Create token endpoints

Public URL	HTTP Method	Recommended Authorization / Authentication
`/nevisfido/token/create/registration`	POST	✅ Password
`/nevisfido/token/create/authentication`	POST	❌ None
`/nevisfido/token/create/deregistration`	POST	✅ Password

Redeem token endpoints

Public URL	HTTP Method	Recommended Authorization / Authentication
`/nevisfido/token/redeem/registration`	POST	❌ None
`/nevisfido/token/redeem/authentication`	POST	❌ None
`/nevisfido/token/redeem/deregistration`	POST	❌ None

Status endpoint

Public URL	HTTP Method	Recommended Authorization / Authentication
`/nevisfido/status`	POST	❌ None

Device endpoints

Public URL	HTTP Method	Recommended Authorization / Authentication
`/nevisfido/devices/credentials/{deviceId}`	GET	✅ JWS
`/nevisfido/devices/credentials/{deviceId}`	PATCH	✅ JWS
`/nevisfido/devices/credentials/{deviceId}`	DELETE	✅ JWS
`/nevisfido/devices/oobOperations/{deviceId}`	GET	✅ JWS

Default HTTP API Endpoints

Identity Suite​

Authentication Cloud​

nevisFIDO component​

FIDO UAF endpoints​

Dispatch token endpoints​

Dispatch target endpoints​

Create token endpoints​

Redeem token endpoints​

Status endpoint​

Device endpoints​