Authentication request
Before sending its request, the APP must create an "authentication request data" object (auth_req_data
) it will send to the PKSA
auth_req_data
{
app: {
name: string
description: string = undefined
icon: string = undefined
},
challenge: object = undefined
token: string = undefined // DEPRECATED - protocol < 1 only
}
app
: an object describing the applicationname
: short name of the app (ex: "myapp")description
: (optional) description of the app (ex: "My Hive Application")icon
: (optional) URL to retrieve the application icon (ex: "https://myapp.com/logo.png")
challenge
: (optional) achallenge_data
object that the app can pass to the PKSA for signing (see Challenge request)token
: (optional) a valid session token previously received from the PKSA - Deprecated since protocol V1
The APP must then encrypt the auth_req_data
object using the auth_key
(see Encryption Key)
Finally, the APP sends its authentication request (auth_req
) to the HAS using the following message:
auth_req
{
cmd: "auth_req"
account: string
data: string
}
account
: the Hive account name that the application wants to authenticatedata
: the Base64 representation of an encryptedauth_req_data
object
The HAS will reply with an auth_wait message
auth_wait
{
cmd: "auth_wait"
uuid: string
expire: number
account: string
}
uuid
: a unique identifier given by the HAS to the requestexpire
: UNIX timestamp when the authentication request will expireaccount
: account doing the authentication request
Last updated