RapidIdentity Product Guides - 2019 Rolling Release

At the API level, you know that a QR code may be used to initialize the authentication process if the response from the initialization request contains the property allowQRCodeScan with a value of true.

Currently, there are to ways for this to happen:

HTTP/1.1 200 OK 
Content-Type: application/json
{
  "type": "username+password",
  "id": "35bf1450-2dbe-11e6-8a8b-005056c00008",
  "allowQRCodeScan": true,
  "claimAccountLink": {
    "href": "/arms/claim/",
    "displayName": "Claim My Account"
  },
  "helpLinks": [
    {
      "href": "/arms/forgotmyusername",
      "displayName": "Forgot My Username"
    },
    {
      "href": "/arms/forgotmypassword?redirect_to=/arms",
      "displayName": "Forgot My Password"
    }
  ]
}

To successfully initialize the authentication process with a QR code, the client must send a request containing the value encoded by the QR Code as read by a scanner:

POST /idp/ws/rest/authn HTTP/1.1 
Content-Type: application/json 
Accept: application/json
{
  "type": "qrCode",
  "id": "35bf1450-2dbe-11e6-8a8b-005056c00008",
  "value": "gobbledygookgibbersih"
}

Here is an example response from the server indicating that QR Code authentication is required as the next step:

HTTP/1.1 200 OK 
Content-Type: application/json
{
  "type": "qrCode",
  "id": "e89afb10-2e6e-11e6-b6f0-005056c00008"
}

To successfully complete the QR code authentication step, the client must send a request containing the value encoded by the QR Code as read by a scanner:

POST /idp/ws/rest/authn HTTP/1.1 
Content-Type: application/json 
Accept: application/json
{
  "type": "qrCode",
  "id": "e89afb10-2e6e-11e6-b6f0-005056c00008",
  "value": "gobbledygookgibbersih"
}