Autional Autional
API Reference GitHub autional.com →

POST /internal/mfa/totp/validate

Internal verify user TOTP code without JWT authentication, called by other services (identity-service) during login. Requires InternalAPIKey authentication. Reference: RFC 6238 (TOTP), OWASP ASVS V2.8.3.

Multi-Factor Authentication None application/json

Request Body

Schema: dto.InternalTOTPValidateRequest

FieldTypeRequiredExampleConstraintsDescription
code string Yes
user_id string Yes
tenant_id string No

Responses

StatusDescriptionSchema
200Verification resultdto.ValidDetailResponse
400Invalid parametergitee_com_linmes_authms_base_dto.SimpleResponse
401Missing internal API authenticationgitee_com_linmes_authms_base_dto.SimpleResponse
500Internal server errorgitee_com_linmes_authms_base_dto.SimpleResponse

Referenced Schemas

dto.ValidDetailResponse

FieldTypeRequiredExampleConstraintsDescription
code integer No
data dto.ValidResponse No
message string No
timestamp string No

dto.ValidResponse

FieldTypeRequiredExampleConstraintsDescription
valid boolean No True

gitee_com_linmes_authms_base_dto.SimpleResponse

FieldTypeRequiredExampleConstraintsDescription
code integer No
message string No
timestamp string No