Default HTTP API Endpoints
Nevis Mobile Authentication exposes several HTTP API endpoints that are relevant for authentication clients. As Nevis is highly flexibly in regards to configuration, the following information is based on defaults and recommendations.
| Public URL | HTTP method | Required authorisation/authentication | |
|---|---|---|---|
| FIDO UAF service | /nevisfido/uaf/1.1/request/registration | POST | (tick) Password |
| /nevisfido/uaf/1.1/request/deregistration | POST | (tick) FIDO UAF | |
| /nevisfido/uaf/1.1/request/authentication | POST | (error) None | |
| /nevisfido/uaf/1.1/registration | POST | (error) None | |
| /nevisfido/uaf/1.1/authentication | POST | (error) None | |
| /nevisfido/uaf/1.1/facets | GET | (error) None | |
| Dispatch Token Service | /nevisfido/token/dispatch/authentication | POST | (error) None |
| /nevisfido/token/dispatch/registration | POST | (tick) Password | |
| /nevisfido/token/dispatch/deregistration | POST | (tick) FIDO UAF | |
| Dispatch Target Service | /nevisfido/token/dispatch/targets | GET | (tick) Should not be exposed to external clients (only used by nevisAuth) |
| /nevisfido/token/dispatch/targets/ | POST | (tick) FIDO UAF | |
/nevisfido/token/dispatch/targets/<id> | PATCH | (tick) JWS | |
/nevisfido/token/dispatch/targets/<id> | DELETE | (tick) FIDO UAF | |
| Create Token Service | /nevisfido/token/create/registration | POST | (tick) Password |
| /nevisfido/token/create/authentication | POST | (error) None | |
| /nevisfido/token/create/deregistration | POST | (tick) Password | |
| Redeem Token Service | /nevisfido/token/redeem/registration | POST | (error) None |
| /nevisfido/token/redeem/authentication | POST | (error) None | |
| /nevisfido/token/redeem/deregistration | POST | (error) None | |
| Status Service | /nevisfido/status | POST | (error) None |
The settings in the previous table are built into nevisFIDO as default settings. For a working setup based on these defaults, set up a matching configuration in the other Nevis Mobile Authentication components: nevisProxy, nevisAuth, and nevisLogrend. Refer to the Use Cases and Best Practices documentation in this guide for complete information on how to configure Nevis Mobile Authentication. Configuration snippets are provided there as well.