POST /mfa/push/approve
User approves a Push MFA challenge via device to complete identity verification. Supports Number Matching verification. Reference: NIST SP 800-63B §5.1.7 (Verifier Impersonation Resistance), OWASP ASVS V2.8.
Multi-Factor Authentication `bearerAuth` application/json
Request Body
Schema: dto.PushApproveRequest
| Field | Type | Required | Example | Constraints | Description |
challenge_id |
string |
Yes |
chal-abc123 |
|
|
number_matching |
string |
Yes |
42 |
|
|
device_key |
string |
No |
hmac-sig |
|
|
Referenced Schemas
dto.ValidDetailResponse
| Field | Type | Required | Example | Constraints | Description |
code |
integer |
No |
|
|
|
data |
dto.ValidResponse |
No |
|
|
|
message |
string |
No |
|
|
|
timestamp |
string |
No |
|
|
|
dto.ValidResponse
| Field | Type | Required | Example | Constraints | Description |
valid |
boolean |
No |
True |
|
|
gitee_com_linmes_authms_base_dto.SimpleResponse
| Field | Type | Required | Example | Constraints | Description |
code |
integer |
No |
|
|
|
message |
string |
No |
|
|
|
timestamp |
string |
No |
|
|
|