POST
/v1/auth/security-questions/verifyAuthorization
Descope Project ID:Refresh JWT AuthorizationBearer <token>
Project ID:Refresh JWT as bearer token.
In: header
Request Body
application/json
loginId?string
answers?array<SecurityQuestionAnswer>
stepup?boolean
Verifies the security questions for a user
curl -X POST "https://api.descope.com/v1/auth/security-questions/verify" \ -H "Content-Type: application/json" \ -d '{}'{ "sessionJwt": "string", "refreshJwt": "string", "cookieDomain": "string", "cookiePath": "string", "cookieMaxAge": 0, "cookieExpiration": 0, "user": { "loginIds": [ "string" ], "userId": "string", "name": "string", "email": "string", "phone": "string", "verifiedEmail": true, "verifiedPhone": true, "roleNames": [ "string" ], "userTenants": [ { "tenantId": "string", "roleNames": [ "string" ], "tenantName": "string", "permissions": [ "string" ], "roleIds": [ "string" ] } ], "status": "string", "externalIds": [ "string" ], "picture": "string", "test": false, "customAttributes": { "attribute-key": "attribute-value" }, "createdTime": 0, "TOTP": false, "SAML": false, "OAuth": { "property1": false, "property2": false }, "webauthn": true, "password": true, "ssoAppIds": [ "string" ], "givenName": "string", "middleName": "string", "familyName": "string", "editable": true, "SCIM": true, "push": true, "permissions": [ "string" ], "OIDC": true, "consentExpiration": 0, "recoveryEmail": "string", "verifiedRecoveryEmail": true, "recoveryPhone": "string", "verifiedRecoveryPhone": true, "modifiedTime": 0, "roleIds": [ "string" ] }, "firstSeen": true, "idpResponse": { "samlResponse": "string", "samlGeneratedUser": "string", "samlGeneratedRoles": "string", "oidcResponse": "string", "oidcGeneratedUser": "string", "oidcGeneratedRoles": "string", "idpGroups": [ "string" ], "idpSAMLAttributes": false, "idpOIDCClaims": {} }, "sessionExpiration": 0, "externalToken": "string", "claims": {}, "tenantSSOID": "string", "trustedDeviceJwt": "string", "nextRefreshSeconds": 0, "cookieName": "string", "sessionCookieName": "string", "sessionCookieDomain": "string", "unsavedSSO": true}/** * NOTE: if you add a new field to this message, also add it to the OptionalJWTResponse message */export interface Response {sessionJwt?: stringrefreshJwt?: stringcookieDomain?: stringcookiePath?: stringcookieMaxAge?: numbercookieExpiration?: numberuser?: ResponseUserfirstSeen?: booleanidpResponse?: IDPResponsesessionExpiration?: numberexternalToken?: stringclaims?: {}tenantSSOID?: stringtrustedDeviceJwt?: stringnextRefreshSeconds?: numbercookieName?: stringsessionCookieName?: stringsessionCookieDomain?: stringunsavedSSO?: boolean}export interface ResponseUser {loginIds?: string[]userId?: stringname?: stringemail?: stringphone?: stringverifiedEmail?: booleanverifiedPhone?: booleanroleNames?: string[]userTenants?: UserTenants[]status?: stringexternalIds?: string[]picture?: stringtest?: boolean/** * Custom attributes as key-value pairs. Keys must be strings; values can be strings, numbers, booleans, or arrays. */customAttributes?: {[k: string]: string}createdTime?: numberTOTP?: booleanSAML?: booleanOAuth?: {[k: string]: boolean}webauthn?: booleanpassword?: booleanssoAppIds?: string[]givenName?: stringmiddleName?: stringfamilyName?: stringeditable?: booleanSCIM?: booleanpush?: booleanpermissions?: string[]OIDC?: booleanconsentExpiration?: numberrecoveryEmail?: stringverifiedRecoveryEmail?: booleanrecoveryPhone?: stringverifiedRecoveryPhone?: booleanmodifiedTime?: number/** * roleIds holds the IDs of this entry's roles. Order is NOT guaranteed to match * roleNames — do not pair them by index. Use roleIds or roleNames independently. */roleIds?: string[]}export interface UserTenants {tenantId?: stringroleNames?: string[]tenantName?: stringpermissions?: string[]/** * roleIds holds the IDs of this entry's roles. Order is NOT guaranteed to match * roleNames — do not pair them by index. Use roleIds or roleNames independently. */roleIds?: string[]}export interface IDPResponse {samlResponse?: stringsamlGeneratedUser?: stringsamlGeneratedRoles?: stringoidcResponse?: stringoidcGeneratedUser?: stringoidcGeneratedRoles?: stringidpGroups?: string[]idpSAMLAttributes?: booleanidpOIDCClaims?: {}} Was this helpful?
Sets up security questions for a user POST
Sets up security questions for a user
Exchange Key POST
### Exchange API key for access token This API Endpoint will take an API key for the project and provide an access token to be used for accessing the application. The session token JWT token will be valid for the configured [Session Token Timeout](/project-settings#session-token-timeout), and its expiration time will be provided in the `expiration` field of the response object.