This topic describes the web service API for user authentication.
The authentication mechanism of the ZLUX server allows for an administrator to gate access to services by a given auth handler, while on the user side the authentication structure allows for a user to login to one or more endpoints at once provided they share the same credentials given.
Returns the current authentication status of the user to the caller.
Every key in the response object is a registered auth type. The value object is guaranteed to have a Boolean field named "authenticated" which indicates that at least one plugin in the category was able to authenticate the user.
Each item also has a field called "plugins", where every property value is a plugin-specific object.
Authenticates the user against authentication back-ends.
Request body example:
The categories parameter is optional. If omitted, all auth plugins are invoked with the username and password Response example:
First-level keys are authentication categories or types. "success" means that all of the types requested have been successful. For example typeA successful AND typeB successful AND ...
Second-level keys are auth plugin IDs. "success" on this level means that there's at least one successful result in that auth type. For example, pluginA successful OR pluginB successful OR ...
The response received by the browser when calling any service, when the user is either not authenticated or not allowed to access the service.
The client is supposed to address this by showing the user a login form which will later invoke the login service for the plugin mentioned and repeat the request.
There's no general way for the client to address this, except than show the user an error message.