Skip to content

Email + Email Verification Code Secondary Authentication API

If email + email verification code secondary authentication is required during login, call this API for secondary authentication.

Request Description

Request Headers

Parameter NameNameRequiredTypeDescription
X-operating-sys-versionCaller operating system versionYesStringwindows10.1.1
X-device-fingerprintCaller device fingerprintYesString156aysdna213sc50
X-device-ipCaller IPNoString192.168.1.2
X-agentUser-Agent informationYesStringMozilla/5.0 (iPhone; CPU iPhone OS 13_3 like Mac OS X) AppleWebKit/605.1.15(KHTML, like Gecko) Mobile/15E148/HuaWei-AnyOffice/2.6.1802.0010/com.huawei.cloudlink.workplace
X-LUsed for internationalization language settingNoStringzh
X-client-idApplication authorization IDYesStringnTo1eRIub60vPb54WeE6aojPwYwImtl4
X-state-tokenTemporary tokenYesStringeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWJqZW1...

Request Example

json
{
    "email": "zhangsan@qq.com",
    "verify_code": "123456"
}

Request Parameters

Parameter NameNameRequiredTypeDescription
emailEmailYesStringEmail address that receives the verification code
verify_codeEmail verification codeYesStringReceived verification code.
To obtain the verification code, see Send Email Verification Code API.
type = MFA_AUTH_EMS

Response Example

Success Example

HTTP/1.1 200 OK

json
{
    "status": "SUCCESS",
    "expire": 43200,
    "session_token": "LGTiTNVDFPlpefV3F3Hla7RUFTqInsqa",
    "id_token": "eyJraWQiOiJrMSIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJJc3N1ZXIiLCJhdWQiOiJBdWRpZW5jZSIsImV4cCI6MTY1MzQ4NDQxMiwianRpIjoieUxSVGZXY1VkYk9PeUFpbHdZU0ZqZyIsImlhdCI6MTY1MzQ2NjQxMiwibmJmIjoxNjUzNDY2MjkyLCJzdWIiOiJzdWJqZWN0IiwiYXBpIjoie1wibmFtZVwiOlwiXCIsXCJtb2JpbGVcIjpcIis4Ni0xNTkwNzEzMjg1MlwiLFwiaWRcIjpcIjIwMjIwNDI1MTQwMTM4NTE5LUJGMUItNTI4QjA1NTFCXCIsXCJ1c2VyTmFtZVwiOlwibG91eGlcIixcImVtYWlsXCI6XCIxMUBxcS5jb21cIn0ifQ.al79knH1fKa4aT4AFr_FMjqBKu2pV_g-lKzzgHzmor5X-dHwSBUtjH38KOzjIqHvkcRMjXQuBnWmjRI7-0Djn2LuWVueaf3wRXLscCWiSDC7chjUyTRXMatYINxdvW-oSWFYGFqqbdsavLqOnvehd7ahEaTuiL9yZolvslZIkIxjxBJJu7A9Ln2sk3wf9pxXU83jIJ8ubPQBoVS-ilerTTJOKDZ9XsL2ftJsaqdTJK_mYbvKaVpLIVyHHJ2NcF6f-Al4N4kc8cgxtSgSKFDcR7Bz7dYlOcfUXCPAzJ3NZInm8UaksiWU02tvlvTRvRdoxZNnvD5vamZ5hjFc-cW5jA"
}
}

Error Example

HTTP/1.1 400 Bad Request

json
{
    "error_code": "SDK.COMMON.1001",
    "error_msg": "Parameter X-client-id cannot be left blank."
}

Response Parameters

Parameter NameNameTypeDescription
statusReturned resultStringPossible values for this field are as follows:
SUCCESS Login successful
ACCESS_DENIED Access denied
expiresession_token validity periodNumbersession_token validity period; within the validity period, session_token can be used to obtain a ticket
session_tokenUser session_tokenStringUser session_token; this token can be used to call IDaaS APIs to obtain sso_ticket, which can be exchanged for user information

BambooCloud IDaaS Open Platform