Authentication & Login

The APIs mentioned in this section are REST APIs that may be called in authentication flows, for example by a standard AuthState, or by a Groovy script executed by a nevisAuth ScriptState.

It is typically not required to call these APIs directly, as the main way to interact with Nevis ID is through Federation.

These APIs are primarily considered to be internal. You can call these APIs from a nevisAuth ScriptState with Groovy, but they are rarely exposed to the internet for consumption by external clients.

The subsections Login and Login info mention APIs of the nevisIDM component. This is obvious as the request paths all start with /nevisidm/.

These APIs can be involved in authentication flows, but are usually only called when there is no standard pattern for your use case.

The subsection Session Management describes the /management/session API of the nevisAuth component. This API is also internal and used in a session termination use case provided by nevisAdapt.

Endpoints in this section

Path	Methods	Purpose
/nevisidm/api/auth/v1/{clientExtId}/users/{userExtId}/password/login	POST	Authenticate with a password
/nevisidm/api/auth/v1/{clientExtId}/users/{userExtId}/device-password/login	POST	Authenticate with a device password
/nevisidm/api/auth/v1/{clientExtId}/users/{userExtId}/context-password/login	POST	Authenticate with a context password
/nevisidm/api/auth/v1/{clientExtId}/users/{userExtId}/otp/login	POST	Authenticate with an OTP
/nevisidm/api/auth/v1/{clientExtId}/users/{userExtId}/otp/challenge	POST	Generate an OTP challenge
/nevisidm/api/auth/v1/{clientExtId}/users/{userExtId}/recovery-codes/login	POST	Authenticate with a recovery code
/nevisidm/api/core/v1/{clientExtId}/users/{userExtId}/login-info	POST	Update user's login information
/nevisidm/api/core/v1/{clientExtId}/users/{userExtId}/bulk-login-info	POST	Bulk update login information
/management/session	DELETE	Terminate sessions by attribute
/management/session/{id}	DELETE	Terminate a session by session ID