Yubico Forum
https://forum.yubico.com/

How to enroll in upgrade.yubico/getapikey programmatically?
https://forum.yubico.com/viewtopic.php?f=3&t=853		 Page 1 of 1
Author:  memonono [ Wed Aug 29, 2012 9:09 am ]
Post subject:  How to enroll in upgrade.yubico/getapikey programmatically?
How to enroll in upgrade.yubico.com/getapikey programmatically?
I am using the C# client and I want to register the key and self-enrollment via code instead of going and registering the key manually from the website.
Author:  Klas [ Wed Aug 29, 2012 12:55 pm ]
Post subject:  Re: How to enroll in upgrade.yubico/getapikey programmatical
Hello,

The id/apiKey is per application, not per key. So you should only need to get one and store that for your application, no need to get one for each YubiKey used with your service.

/klas
Author:  memonono [ Wed Aug 29, 2012 5:33 pm ]
Post subject:  Re: How to enroll in upgrade.yubico/getapikey programmatical
but every time I register I get different
ClientID
SecretKey

and this is per key per registration
Author:  Klas [ Thu Aug 30, 2012 8:42 am ]
Post subject:  Re: How to enroll in upgrade.yubico/getapikey programmatical
Hello,

Yes, every time you register a new id/key is generated, the registration is intended to be static for your application and it should just use one set of id/key, regardless of how many different YubiKeys you want to validate.

/klas
Author:  memonono [ Fri Aug 31, 2012 2:48 pm ]
Post subject:  Re: How to enroll in upgrade.yubico/getapikey programmatical
Sorry but I still can't get it :(

I have three Yubikey(s):

Now whenever I visit this page upgrade.yubico/getapikey,
it asks only for an email (fixed) and OTP (which is generated by the key)
The results is ClientID and SecretKey.

if I register the same yubikey1 again with the same email, I get different ClientID and SecretKey!
and if register different yubikey2 or yubikey3 with same email, I get different ClientID and SecretKey!

from what I see, everything is not fixed! where is the id/apiKey you talk about? and how do I connect the key1, 2 and 3 with the apikey?
Author:  Klas [ Mon Sep 03, 2012 8:37 am ]
Post subject:  Re: How to enroll in upgrade.yubico/getapikey programmatical
So I'll try to explain again =)

The "Client Id" and "Secret Key" you get from https://upgrade.yubico.com/getapikey/ are only for identifying the application that verifies keys to YubiCloud, there is no connection between them and your YubiKeys.
Every time you register on the service you get a new id and a new key. The only reason you have to give us an OTP to get the id and key is that we want to limit abuse of the service.

/klas
Author:  arn [ Thu Jun 26, 2014 9:20 am ]
Post subject:  Re: How to enroll in upgrade.yubico/getapikey programmatical
Sorry for jumping in on an old thread.

Just to clarify, "Client Id" and "Secret Key" are for authenticating API client, correct?

So by default sending API request and receiving OK just means that someone has a working YubiKey, nothing more, correct?

To make sure that the key one of my own, I should first take what steps? Use returned OTP to extract identity part and compare it to white-listed identities?
Author:  Klas [ Fri Jun 27, 2014 1:13 pm ]
Post subject:  Re: How to enroll in upgrade.yubico/getapikey programmatical
arn wrote:
Just to clarify, "Client Id" and "Secret Key" are for authenticating API client, correct?


Yes.

arn wrote:
So by default sending API request and receiving OK just means that someone has a working YubiKey, nothing more, correct?


Correct.

arn wrote:
To make sure that the key one of my own, I should first take what steps? Use returned OTP to extract identity part and compare it to white-listed identities?


Exactly.

/klas
Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/