Yubico Forum

Re: Two-factor through web services API

2009-07-15T09:28:40+01:00

As I understand it, the web service only provides one-factor authentication. That is that they verify the key that the user enters.

However, you can always extract the public ID from the users input (only the last 32 characters is the generated OTP, the remaining characters are the public ID). Together with this public ID, you can store password, pincode, email-verification etc, and use the public ID to lookup and authenticate the second factor yourself!

Statistics: Posted by Matts — Wed Jul 15, 2009 9:28 am

Two-factor through web services API

2009-07-11T14:17:04+01:00

I am using the java web services client code to do OTP verification against api.yubico.com. This all works fine but I would like to do two-factor authentication with the web services API like it can be done through the demo's on yubico.com.
How can we do this through web services - this is for a demo setup? Looking at the API it doesn't seem possible?!
However, my uid and password are stored in the database at yubico.com should something should be possible?

Thanks, Rene.

Statistics: Posted by klompje — Sat Jul 11, 2009 2:17 pm