auth.login_ex_continue

Continue in-progress authentication attempt. This endpoint should be called to continue an auth.login_ex attempt that returned OTP_REQUIRED.

This is a convenience wrapper around auth.login_ex for API consumers.

params: mechanism: the mechanism by which to continue authentication. Currently the only supported mechanism here is OTP_TOKEN.

OTP_TOKEN otp_token: one-time password token. This is only permitted if a previous auth.login_ex call responded with “OTP_REQUIRED”.

returns: JSON object containing the following keys:

response_type - will be one of the following: SUCCESS - continued auth was required

OTP_REQUIRED - otp token was rejected. API consumer may call this endpoint again with correct OTP token.

AUTH_ERR - invalid OTP token submitted too many times.

Type: object

Type: array
No Additional Items

Tuple Validation

Parameter 1: login_data

login_data

Type: object
No Additional Properties

Mechanism

Type: const
Must be one of:
  • "OTP_TOKEN"
Specific value: "OTP_TOKEN"

Otp Token

Type: string

AuthCommonOptions

Type: object Default: {"user_info": true}
No Additional Properties

User Info

Type: boolean Default: true

Result


AuthRespSuccess

Type: object
No Additional Properties

Response Type

Type: const
Must be one of:
  • "SUCCESS"
Specific value: "SUCCESS"


AuthUserInfo

Type: object
No Additional Properties

Pw Name

Type: string

name of the user

Pw Gecos

Type: string

full username or comment field

Pw Dir

Type: string

user home directory

Pw Shell

Type: string

user command line interpreter

Pw Uid

Type: integer

numerical user id of the user

Pw Gid

Type: integer

numerical group id for the user's primary group

Grouplist


optional list of group ids for groups of which this account is a member. If get_groups is not specified,
this value will be null.

Type: array of integer
No Additional Items
Each item of this array must be:
Type: integer
Type: null

Sid


optional SID value for the account that is present if sid_info is specified in payload.

Type: string
Type: null

Source

Type: enum (of string)

the source for the user account.

Must be one of:
  • "LOCAL"
  • "ACTIVEDIRECTORY"
  • "LDAP"

Local

Type: boolean

boolean value indicating whether the account is local to TrueNAS or provided by a directory service.

Attributes

Type: object

Two Factor Config

Type: object

Privilege

Type: object

Account Attributes

Type: array of string
No Additional Items
Each item of this array must be:
Type: string
Type: null

Authenticator

Type: enum (of string)
Must be one of:
  • "LEVEL_1"
  • "LEVEL_2"

AuthRespAuthErr

Type: object
No Additional Properties

Response Type

Type: const
Must be one of:
  • "AUTH_ERR"
Specific value: "AUTH_ERR"

AuthRespExpired

Type: object
No Additional Properties

Response Type

Type: const
Must be one of:
  • "EXPIRED"
Specific value: "EXPIRED"

AuthRespOTPRequired

Type: object
No Additional Properties

Response Type

Type: const
Must be one of:
  • "OTP_REQUIRED"
Specific value: "OTP_REQUIRED"

Username

Type: string

AuthRespAuthRedirect

Type: object
No Additional Properties

Response Type

Type: const
Must be one of:
  • "REDIRECT"
Specific value: "REDIRECT"

Urls

Type: array of string
No Additional Items
Each item of this array must be:
Type: string


Required roles: