Magento 2.4.2-p2
Greetings,
I'm interested in getting an admin token from the REST API when 2FA is enabled and U2F is used as the authentication provider. I have a small application running on another server that modifies some product attributes from time to time. This application needs the admin token for authentication.
I have configured 2FA successfully and can log in via U2F (YubiKey) to the adminhtml. However, I cannot find any documentation on how to authenticate through the REST API using U2F.
Here is documentation on how this would work with Google Authenticator: https://devdocs.magento.com/guides/v2.4/rest/tutorials/prerequisite-tasks/create-admin-token.html
I have found some endpoints in the REST API docs that seem to correspond to the u2fkey authorization (search for u2fkey). In particular, https://magento.redoc.ly/2.4.3-admin/tag/tfaprovideru2fkeyauthentication-challenge seems to be a starting point, but I cannot figure out how to deal with the response.
I am grateful for any help or push that will lead me in the right direction.
Another concern of mine is that I probably have to provide the OTP every time the admin token expires. Am I right? I really don't want to increase the lifetime of admin tokens (default is 4 hours) for security reasons. Maybe this restriction requires a completely different solution than using 2FA over the REST API.
Thanks, Densen
- docs.celigo.com/hc/en-us/articles/… – prasad maganti, Commented May 23, 2022 at 6:47
- Did you find a solution? It's urgent for me. – George George, Commented May 7, 2023 at 13:12
1 Answer
You're right: if you want to generate a session-based access token, you will need to provide the 2FA code.
Your request will look like the one below.
[Image: Magento authentication 2FA REST API]
However, based on your context, I recommend you use the integration token, which won't have an expiration date, since you have a programmatic connection.
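An added example, not part of the original answer or of Magento's code: a small client that contrasts the two options discussed above, a session-based admin token that needs a fresh OTP whenever the 4-hour lifetime runs out, and an integration token sent as a plain Bearer header. It uses the Google Authenticator endpoint from the tutorial linked in the question (not U2F); `MagentoClient`, `otp_source` and the injectable `send`/`clock` parameters are hypothetical names.

```python
import json
import time
import urllib.error
import urllib.request

TOKEN_LIFETIME = 4 * 3600  # default admin token lifetime mentioned in the question
AUTH_PATH = "/rest/V1/tfa/provider/google/authenticate"  # from the linked tutorial

def http_send(method, url, headers, body):
    """Real transport: returns (status, decoded JSON body)."""
    data = None if body is None else json.dumps(body).encode()
    req = urllib.request.Request(url, data=data, headers=headers, method=method)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.loads(resp.read() or b"null")
    except urllib.error.HTTPError as err:
        return err.code, None

class MagentoClient:
    """Hypothetical helper: session token (needs OTP) or integration token."""
    def __init__(self, base_url, integration_token=None, username=None,
                 password=None, otp_source=None, send=http_send, clock=time.time):
        self.base, self.send, self.clock = base_url.rstrip("/"), send, clock
        self.static = integration_token
        self.creds, self.otp_source = (username, password), otp_source
        self.token, self.issued = integration_token, None

    def _login(self):
        body = {"username": self.creds[0], "password": self.creds[1],
                "otp": self.otp_source()}  # a fresh code is needed every time
        status, token = self.send("POST", self.base + AUTH_PATH,
                                  {"Content-Type": "application/json"}, body)
        if status != 200 or not isinstance(token, str):
            raise PermissionError("2FA authentication failed")
        self.token, self.issued = token, self.clock()

    def call(self, method, path, body=None):
        expired = self.issued is not None and self.clock() - self.issued >= TOKEN_LIFETIME
        if self.static is None and (self.token is None or expired):
            self._login()
        for attempt in range(2):
            headers = {"Authorization": "Bearer " + self.token,
                       "Content-Type": "application/json"}
            status, payload = self.send(method, self.base + path, headers, body)
            if status != 401 or self.static is not None or attempt:
                break
            self._login()  # token rejected early: re-authenticate once, retry
        return status, payload
```

Since the integration token has no expiration date, as the answer notes, limit the integration's API resource access to what the job needs and store the token like any other long-lived secret.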