Autional Autional
API Reference GitHub autional.com →

POST /mfa/push/approve

User approves a Push MFA challenge via device to complete identity verification. Supports Number Matching verification. Reference: NIST SP 800-63B §5.1.7 (Verifier Impersonation Resistance), OWASP ASVS V2.8.

Multi-Factor Authentication `bearerAuth` application/json

Request Body

Schema: dto.PushApproveRequest

FieldTypeRequiredExampleConstraintsDescription
challenge_id string Yes chal-abc123
number_matching string Yes 42
device_key string No hmac-sig

Responses

StatusDescriptionSchema
200Approved successfullydto.ValidDetailResponse
400Invalid parameter or challenge expiredgitee_com_linmes_authms_base_dto.SimpleResponse
401Unauthenticatedgitee_com_linmes_authms_base_dto.SimpleResponse
404Challenge not foundgitee_com_linmes_authms_base_dto.SimpleResponse
500Internal server errorgitee_com_linmes_authms_base_dto.SimpleResponse

Referenced Schemas

dto.ValidDetailResponse

FieldTypeRequiredExampleConstraintsDescription
code integer No
data dto.ValidResponse No
message string No
timestamp string No

dto.ValidResponse

FieldTypeRequiredExampleConstraintsDescription
valid boolean No True

gitee_com_linmes_authms_base_dto.SimpleResponse

FieldTypeRequiredExampleConstraintsDescription
code integer No
message string No
timestamp string No