Cloud Administration Live Verification APIs
The Live Verification APIs enable you to securely verify a user's identity in real time using any registered multi-factor authentication (MFA) method. These APIs support the end-to-end verification process during help desk support interactions, including initiating a verification request, checking its status, validating a user’s verification code, or canceling the session if needed.
Note: These APIs are licensed. See ID Plus Subscription Plans.
For information about managing access to this API, see Accessing the Cloud Administration APIs.
Authentication
Clients calling these APIs must authenticate themselves by including an OAuth token in a request. For information on using this token, see Manage OAuth API Clients.
Software Developer Kit
You can download the API Software Developer Kit (SDK) from Cloud Administration REST API Download.
Start Verify API
The Start Verify API initiates a Live Verification session by triggering an MFA prompt to the user’s registered device. You can use it during support calls to confirm a user's identity before making changes like updating profile details or adding a new device.
Note: Only customers with an active Live Verification license can use the Start Verify API.
Request Requirements
Use the following information to start the live verification process for a user.
| Method | Request URL | Response Codes |
|---|---|---|
| POST | /AdminInterface/restapi/v1/users/ < userId >/verify/start | 200, 400, 403, 404, 409, 500 |
Request Parameter
Use the following request parameter.
| Request Parameter | Description | Data Type |
|---|---|---|
| <userId> | Unique user identifier in uuid format | String |
Request Body
No request body is required.
Example Request Data
The following example displays a request.
POST /AdminInterface/restapi/v1/users/021c6ea5-5b27-c0e1-c04f-886bd0416e5a/verify/start
Content-Type: application/json
Authorization: Bearer <Oauth token>
Example Response Body
The following example displays a response body.
{
"userId": "021c6ea5-5b27-c0e1-c04f-886bd0416e5a",
"userEmail": " example@rsavia.com",
"adminUsername": "admin@rsavia.com ",
"sessionExpiration": "2025-02-25T19:10:30.045Z"
"verifyUrl": "https://mycompany.auth-dev.securid.com/verify"
}Response Property Descriptions
The following table shows property descriptions and data types.
| Property | Description | Data Type |
|---|---|---|
| adminUsername | Administrator who initiated verify session. | String |
| sessionExpiration | Expiration date of the verify session. See https://www.w3.org/TR/NOTE-datetime for information on formatting timestamps in ISO 8601 format. | String |
| userEmail | user email | String |
| userId | user uuid | String |
| verifyUrl | The verification url | String |
Response Codes
The following table shows response codes for this API.
| Code | Description |
|---|---|
| 200 | Successfully started the verification for the end user. |
| 400 | The operation was not performed. One of the following messages may be returned:
|
| 403 | Not authorized to perform the request. When the customer is not entitled to use this feature, the system returns HTTP 403. |
| 404 | User does not exist. The following error message is returned: User <userId> not found. |
| 409 | Session is already in progress by another admin. The following error message is returned: User has a verification session going on already. |
| 429 | Too many requests. |
| 500 | Internal server error occurred when processing the request, or an unexpected error occurred. One of the following error messages may be returned:
|
Status API
The Status API retrieves the current state of an active Live Verify session.
Request Requirements
Use the following information to check the status of a verification request the live verification process for a user.
| Method | Request URL | Response Codes |
|---|---|---|
| GET | /AdminInterface/restapi/v1/users/ < userId >/verify/status | 200, 400, 403, 500 |
Request Parameter
Use the following request parameter.
| Request Parameter | Description | Data Type |
|---|---|---|
| <userId> | Unique user identifier in uuid format | String |
Response Body
The following example displays a response body.
{
"status": "STARTED",
"sessionExpiration": "2025-02-25T19:10:30.045Z",
"adminUsername": "admin@rsavia.com"
}Response Property Descriptions
The following table shows property descriptions and data types.
| Property | Description | Data Type |
|---|---|---|
| adminUsername | The administrator who initiated the live verification session. | String |
| status | Status of the ongoing live verification session. Can be one of the following:
| String |
| sessionExpiration | Expiration date of the live verification session.
See https://www.w3.org/TR/NOTE-datetime for information on formatting timestamps in ISO 8601 format. | String |
Response Codes
The following table shows response codes for this API.
| Code | Description |
|---|---|
| 200 | Successfully returned the started verification status back. |
| 400 | The operation was not performed. One of the following messages may be returned: Missing or invalid user identifier |
| 403 | Not authorized to perform the request. |
| 500 | Internal server error occurred when processing the request, or an unexpected error occurred. |
Validate API
The Validate API confirms whether the verification code entered by the user is correct for the current Live Verify session. You can use it to complete the identity verification process after the user responds to the MFA prompt.
Request Requirements
Use the following information to validate the live verification code for a user.
| Method | Request URL | Response Codes |
|---|---|---|
| POST | /AdminInterface/restapi/v1/users/ < userId >/verify/code | 200, 400, 403, 404, 409, 500 |
Request Parameter
Use the following request parameter.
| Request Parameter | Description | Data Type |
|---|---|---|
| <userId> | Unique user identifier in uuid format | String |
Request Body
| Request Body | Description | Data Type |
|---|---|---|
| { "verifyCode": "<code>" } | JSON carrying verifyCode | JSON String |
Response Body
The following example displays a response body.
{
"verifyStatus": "SUCCESSFUL_CODE_VERIFICATION | FAILED_CODE_VERIFICATION",
"adminUsername": "<email of the admin who started the session>"
}Response Codes
The following table shows response codes and descriptions for API.
| Code | Description |
|---|---|
| 200 | Successfully completed the validation of the verify code for the end user. The response body will tell you whether or not the verification was successful or failed. |
| 400 | The operation was not performed. One of the following messages may be returned:
|
| 403 | Not authorized to perform the request. |
| 404 | User does not exist. One of the following messages may be returned:
|
| 409 | Session is already in progress by another administrator. The following error message is returned: User has a verification session going on already. |
| 500 | Internal server error occurred when processing the request, or an unexpected error occurred. |
Cancel API
The Cancel API cancels a Live Verify session that is in progress. Use it to end the session if it is no longer required.
Request Requirements
Use the following information to cancel the live verification process for a user.
| Method | Request URL | Response Codes |
|---|---|---|
| POST | /AdminInterface/restapi/v1/users/ < userId >/verify/cancel | 200, 400, 403, 404, 409, 500 |
Request Parameters
Use the following request parameter.
| Request Parameter | Description | Data Type |
|---|---|---|
| <userId> | Unique user identifier in uuid format | String |
Request Body
No request body is required.
Response Body
No response body is required.
Response Codes
The following table shows response codes for this API.
| Code | Description |
|---|---|
| 200 | Successfully cancelled the verification for the end user. |
| 400 | The operation was not performed. One of the following messages is returned: Missing or invalid user identifier. |
| 403 | Not authorized to perform the request. |
| 404 | Live verify session does not exist. |
| 409 | Session is already in progress by another admin, so the session was not cancelled. Only the admin who created the Live verify session can cancel that session. |
| 500 | Internal server error occurred when processing the request, or an unexpected error occurred. |
Live Verification API Error Messages
The following table lists possible error messages returned by the Live Verification APIs, along with their descriptions.
| Error | Message |
|---|---|
| ERROR | An error occurred. |
| POLICY_NOT_ENABLED | Live Verification policy is not enabled or has not been published. |
| INVALID_USER_ID | Missing or invalid user identifier. |
| USER_NOT_FOUND | User not found. |
| USER_NOT_FOUND | User is disabled. |
| SESSION_NOT_FOUND | Session not found. |
Related Articles
Live Verification Policy Number of Views Live Verification for Users Number of Views Authentication Manager 7.x stops authenticating and hanging - unable open any tab in Security and Operations Console after… Number of Views SA server is not connecting SA Live cloud due to Local network Proxy Number of Views Ping Identity - IdP for My Page - RSA Ready Implementation Guide Number of Views
Trending Articles
How to recover the Application and AFX after an unexpected database failure in RSA Identity Governance & Lifecycle RSA SecurID Software Token 5.0.2 for Windows Desktop displays message after reboot due to roaming profile: No token stor… RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Downloading RSA Authentication Manager license files or RSA Software token seed records RSA Release Notes for RSA Authentication Manager 8.8
