Authorization
Descope Project ID:Refresh JWT AuthorizationBearer <token>
Project ID:Refresh JWT as bearer token.
In: header
Request Body
application/json
loginId?string
answers?array<SecurityQuestionAnswer>
stepup?boolean
Verifies the security questions for a user
curl -X POST "https://api.descope.com/v1/auth/security-questions/verify" \ -H "Content-Type: application/json" \ -d '{}'{ "sessionJwt": "string", "refreshJwt": "string", "cookieDomain": "string", "cookiePath": "string", "cookieMaxAge": 0, "cookieExpiration": 0, "user": { "loginIds": [ "string" ], "userId": "string", "name": "string", "email": "string", "phone": "string", "verifiedEmail": true, "verifiedPhone": true, "roleNames": [ "string" ], "userTenants": [ { "tenantId": "string", "roleNames": [ "string" ], "tenantName": "string", "permissions": [ "string" ] } ], "status": "string", "externalIds": [ "string" ], "picture": "string", "test": false, "customAttributes": { "attribute-key": "attribute-value" }, "createdTime": 0, "TOTP": false, "SAML": false, "OAuth": { "property1": false, "property2": false }, "webauthn": true, "password": true, "ssoAppIds": [ "string" ], "givenName": "string", "middleName": "string", "familyName": "string", "editable": true, "SCIM": true, "push": true, "permissions": [ "string" ], "OIDC": true, "consentExpiration": 0 }, "firstSeen": true, "idpResponse": { "samlResponse": "string", "samlGeneratedUser": "string", "samlGeneratedRoles": "string", "oidcResponse": "string", "oidcGeneratedUser": "string", "oidcGeneratedRoles": "string", "idpGroups": [ "string" ], "idpSAMLAttributes": false, "idpOIDCClaims": {} }, "sessionExpiration": 0, "externalToken": "string", "claims": {}, "tenantSSOID": "string", "trustedDeviceJwt": "string", "nextRefreshSeconds": 0, "cookieName": "string", "sessionCookieName": "string", "sessionCookieDomain": "string", "unsavedSSO": true}/** * NOTE: if you add a new field to this message, also add it to the OptionalJWTResponse message */export interface Response {sessionJwt?: stringrefreshJwt?: stringcookieDomain?: stringcookiePath?: stringcookieMaxAge?: numbercookieExpiration?: numberuser?: ResponseUserfirstSeen?: booleanidpResponse?: IDPResponsesessionExpiration?: numberexternalToken?: stringclaims?: {}tenantSSOID?: stringtrustedDeviceJwt?: stringnextRefreshSeconds?: numbercookieName?: stringsessionCookieName?: stringsessionCookieDomain?: stringunsavedSSO?: boolean}export interface ResponseUser {loginIds?: string[]userId?: stringname?: stringemail?: stringphone?: stringverifiedEmail?: booleanverifiedPhone?: booleanroleNames?: string[]userTenants?: UserTenants[]status?: stringexternalIds?: string[]picture?: stringtest?: boolean/** * Custom attributes as key-value pairs. Keys must be strings; values can be strings, numbers, booleans, or arrays. */customAttributes?: {[k: string]: string}createdTime?: numberTOTP?: booleanSAML?: booleanOAuth?: {[k: string]: boolean}webauthn?: booleanpassword?: booleanssoAppIds?: string[]givenName?: stringmiddleName?: stringfamilyName?: stringeditable?: booleanSCIM?: booleanpush?: booleanpermissions?: string[]OIDC?: booleanconsentExpiration?: number}export interface UserTenants {tenantId?: stringroleNames?: string[]tenantName?: stringpermissions?: string[]}export interface IDPResponse {samlResponse?: stringsamlGeneratedUser?: stringsamlGeneratedRoles?: stringoidcResponse?: stringoidcGeneratedUser?: stringoidcGeneratedRoles?: stringidpGroups?: string[]idpSAMLAttributes?: booleanidpOIDCClaims?: {}} Was this helpful?
Sets up security questions for a user POST
Sets up security questions for a user
Exchange Key POST
### Exchange API key for access token This API Endpoint will take an API key for the project and provide an access token to be used for accessing the application. The session token JWT token will be valid for the configured [Session Token Timeout](/project-settings#session-token-timeout), and its expiration time will be provided in the `expiration` field of the response object.