Skip to main content
Version: 2.4.x.x Java 8 ELS

Default HTTP API Endpoints

Nevis Mobile Authentication exposes several HTTP API endpoints that are relevant for authentication clients. As Nevis is highly flexible in regards to configuration, the following information is based on defaults and recommendations.

FIDO UAF endpoints

Public URLHTTP methodRecommended authorization/authentication
/nevisfido/uaf/1.1/request/registrationPOST✅ non-FIDO UAF
/nevisfido/uaf/1.1/request/deregistrationPOST✅ FIDO UAF
/nevisfido/uaf/1.1/request/authenticationPOST❌ None
/nevisfido/uaf/1.1/registrationPOST❌ None
/nevisfido/uaf/1.1/authenticationPOST❌ None
/nevisfido/uaf/1.1/facetsGET❌ None

Dispatch token endpoints

Public URLHTTP methodRecommended authorization/authentication
/nevisfido/token/dispatch/authenticationPOST❌ None
/nevisfido/token/dispatch/registrationPOST✅ non-FIDO UAF
/nevisfido/token/dispatch/deregistrationPOST✅ FIDO UAF

Dispatch target endpoints

Public URLHTTP methodRecommended authorization/authentication
/nevisfido/token/dispatch/targetsGET✅ Should not be exposed to external clients (only used by nevisAuth)
/nevisfido/token/dispatch/targets/POST✅ FIDO UAF
/nevisfido/token/dispatch/targets/<id>PATCH✅ JWS
/nevisfido/token/dispatch/targets/<id>DELETE✅ FIDO UAF

Create token endpoints

Public URLHTTP methodRecommended authorization/authentication
/nevisfido/token/create/registrationPOST✅ Password
/nevisfido/token/create/authenticationPOST❌ None
/nevisfido/token/create/deregistrationPOST✅ Password

Redeem token endpoints

Public URLHTTP methodRecommended authorization/authentication
/nevisfido/token/redeem/registrationPOST❌ None
/nevisfido/token/redeem/authenticationPOST❌ None
/nevisfido/token/redeem/deregistrationPOST❌ None

Status endpoint

Public URLHTTP methodRecommended authorization/authentication
/nevisfido/statusPOST❌ None

The settings in the previous table are built into nevisFIDO as default settings. For a working setup based on these defaults, set up a matching configuration in the other Nevis Mobile Authentication components: nevisProxy, nevisAuth, and nevisLogrend.

Refer to the Use Cases and Best Practices documentation in this guide for complete information on how to configure Nevis Mobile Authentication. Configuration snippets are provided there as well.