MIRACL Trust Backend API

POST /activate/initiate

Creates an MPin Identity and receives an activation token used to activate the identity during the registration process.

Endpoint authentication

  • Basic - The client ID and secret are used as a username:password pair for the HTTP Basic authentication of the request.

Parameters

Name Type Required Description
userId Body True The user ID for which an identity with the service will be created
deviceName Body False A human readable name of the device on which the identity will be created

Request example

curl -X POST --user "${clientId}:${clientSecret}" --data '{"userId":"test@example.com","deviceName":"Test Device"}' https://api.mpin.io/activate/initiate

Response example

{
  "hashMPinId": "ce1eb5b2da42cd5ba0c5f46365e7df0afe44cd1ccf26d880749144cdaa444c6c",
  "actToken": "763c1005ca540c4db8e6811222c207ea",
  "expireTime": 1634890606,
  "redirectURI": ""
}

GET /api/v1/customers/{customerId}/audit

Customer audit log

Endpoint authentication

  • Basic - The client ID and secret are used as a username:password pair for the HTTP Basic authentication of the request.

Parameters

Name Type Required Description
customerId Path True Customer ID
applicationId Query False Application ID
fromDate Query False Start date of the period
toDate Query False End date of the period
userId Query False User ID by which to filter the result set
mpinId Query False MPin ID by which to filter the result set
deviceName Query False Device name by which to filter the result set
offset Query False List offset
limit Query False List response limit

Request example

curl -X GET --user "${clientId}:${clientSecret}" "https://api.mpin.io/api/v1/customers/${customerId}/audit?fromDate=2021-06-01T00:00:00Z&toDate=2021-07-01T00:00:00Z&userId=test%40example.com&limit=10&offset=0"

Response example

{
  "total": 1,
  "list": [
    {
      "IPAddress": "87.227.194.151",
      "appID": "353f337f-ed78-4436-8f3c-5389ed83555c",
      "appName": "Test",
      "continent": "EU",
      "country": "UK",
      "createdAt": "2021-10-01T07:52:27.204579Z",
      "deviceName": "Chrome on Linux",
      "eventStatus": "authenticate_success",
      "eventType": "authentication",
      "mpinID": "c324f5e55e377de0343f37019ad5b77b8b01bdfee40014a54d76fd934e36a792",
      "userID": "test@example.com"
    }
  ]
}

GET /api/v1/customers/{customerId}/mpinids

List MPin IDs

Endpoint authentication

  • Basic - The client ID and secret are used as a username:password pair for the HTTP Basic authentication of the request.

Parameters

Name Type Required Description
customerId Path True Customer ID
userId Query False User ID by which to filter the result set
revoked Query False Revocation status by which to filter the result set
offset Query False List offset
limit Query False List response limit

Request example

curl -X GET --user "${clientId}:${clientSecret}" "https://api.mpin.io/api/v1/customers/${customerId}/mpinids?userId=test%40example.com&revoked=false&limit=10&offset=0"

Response example

{
  "total": 1,
  "list": [
    {
      "mpinId": "c324f5e55e377de0343f37019ad5b77b8b01bdfee40014a54d76fd934e36a792",
      "customerId": "86cd3e64-f641-416a-bf80-64b9b7eef8ea",
      "userId": "test@example.com",
      "deviceName": "Chrome on Windows",
      "ip": "87.227.194.151",
      "country": "UK",
      "continent": "EU",
      "dvs": false,
      "createdAt": "2021-08-12T14:54:10.817054Z",
      "updatedAt": "2021-08-12T14:54:10.819274Z",
      "revoked": false
    }
  ]
}

POST /api/v1/customers/{customerId}/mpinids/{mpinId}/revocation

Revoke an identity

Endpoint authentication

  • Basic - The client ID and secret are used as a username:password pair for the HTTP Basic authentication of the request.

Parameters

Name Type Required Description
customerId Path True Customer ID
mpinId Path True MPin ID to be revoked
reason Body False Reason for the revocation

Request example

curl -X POST --user "${clientId}:${clientSecret}" --data '{"reason":"account expiration"}' https://api.mpin.io/api/v1/customers/${customerId}/mpinids/c324f5e55e377de0343f37019ad5b77b8b01bdfee40014a54d76fd934e36a792/revocation

Response example

{
  "hashMPinID":"c324f5e55e377de0343f37019ad5b77b8b01bdfee40014a54d76fd934e36a792",
  "reason":"account expiration"
}