FxAccountClient Class
Constructor
FxAccountClient
-
uri
-
config
Parameters:
-
uri
StringAuth Server URI
-
config
ObjectConfiguration
Item Index
Methods
- _passwordChangeFinish
- _passwordChangeKeys
- accountDestroy
- accountKeys
- accountReset
- accountStatus
- accountStatusByEmail
- certificateSign
- checkTotpTokenExists
- consumeRecoveryCode
- consumeSigninCode
- createTotpToken
- deleteTotpToken
- deviceDestroy
- deviceList
- deviceRegister
- deviceUpdate
- getRandomBytes
- passwordChange
- passwordChangeStart
- passwordForgotResendCode
- passwordForgotSendCode
- passwordForgotStatus
- passwordForgotVerifyCode
- recoveryEmailCreate
- recoveryEmailDestroy
- recoveryEmailResendCode
- recoveryEmails
- recoveryEmailSetPrimaryEmail
- recoveryEmailStatus
- rejectLoginAuthorizationCode
- replaceRecoveryCodes
- sendSms
- sendUnblockCode
- sessionDestroy
- sessionReauth
- sessions
- sessionStatus
- signIn
- signUp
- smsStatus
- verifyCode
- verifyTotpCode
Methods
_passwordChangeFinish
-
email
-
newPassword
-
oldCreds
-
keys
-
[options={}]
Third step to change the password.
Parameters:
-
email
String -
newPassword
String -
oldCreds
ObjectThis object should consists of
oldUnwrapBKey
,keyFetchToken
andpasswordChangeToken
. -
keys
ObjectThis object should contain the unbundled keys
-
[options={}]
Object optionalOptions
-
[keys]
Boolean optionalIf
true
, calls the API with?keys=true
to get the keyFetchToken -
[sessionToken]
String optionalIf a
sessionToken
is passed, a new sessionToken will be returned with the sameverified
status as the existing sessionToken.
-
Returns:
A promise that will be fulfilled with JSON of xhr.responseText
_passwordChangeKeys
-
oldCreds
Second step to change the password.
Parameters:
-
oldCreds
ObjectThis object should consists of
oldUnwrapBKey
,keyFetchToken
andpasswordChangeToken
.
Returns:
A promise that will be fulfilled with JSON of xhr.responseText
accountDestroy
-
email
-
password
-
[options={}]
-
sessionToken
This deletes the account completely. All stored data is erased.
Parameters:
-
email
StringEmail input
-
password
StringPassword input
-
[options={}]
Object optionalOptions
-
[skipCaseError]
Boolean optionalIf
true
, the request will skip the incorrect case error
-
-
sessionToken
StringUser session token
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
accountKeys
-
keyFetchToken
-
oldUnwrapBKey
Get the base16 bundle of encrypted kA|wrapKb.
Parameters:
-
keyFetchToken
String -
oldUnwrapBKey
String
Returns:
A promise that will be fulfilled with JSON of {kA, kB} of the key bundle
accountReset
-
email
-
newPassword
-
accountResetToken
-
[options={}]
The API returns reset result to the client. HAWK-authenticated with accountResetToken
Parameters:
-
email
String -
newPassword
String -
accountResetToken
String -
[options={}]
Object optionalOptions
-
[keys]
Boolean optionalIf
true
, a newkeyFetchToken
is provisioned.options.sessionToken
is required ifoptions.keys
is true. -
[sessionToken]
Boolean optionalIf
true
, a newsessionToken
is provisioned.
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
accountStatus
-
uid
Gets the status of an account by uid.
Parameters:
-
uid
StringUser account id
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
accountStatusByEmail
-
email
Gets the status of an account by email.
Parameters:
-
email
StringUser account email
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
certificateSign
-
sessionToken
-
publicKey
-
duration
-
[options={}]
-
[service='']
Sign a BrowserID public key
Parameters:
-
sessionToken
StringUser session token
-
publicKey
ObjectThe key to sign
-
duration
IntTime interval from now when the certificate will expire in milliseconds
-
[options={}]
Object optionalOptions
-
[service='']
String optionalThe requesting service, sent via the query string
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
checkTotpTokenExists
-
sessionToken
Check to see if the current user has a TOTP token associated with their account.
Parameters:
-
sessionToken
StringSessionToken obtained from signIn
consumeRecoveryCode
-
sessionToken
-
code
Consume recovery code.
Parameters:
-
sessionToken
StringSessionToken obtained from signIn
-
code
Stringrecovery code
consumeSigninCode
-
code
-
flowId
-
flowBeginTime
-
[deviceId]
Consume a signinCode.
Parameters:
-
code
StringThe signinCode entered by the user
-
flowId
StringIdentifier for the current event flow
-
flowBeginTime
NumberTimestamp for the flow.begin event
-
[deviceId]
String optionalIdentifier for the current device
createTotpToken
-
sessionToken
-
[options.metricsContext={}]
-
options.metricsContext.deviceId
-
options.metricsContext.flowId
-
options.metricsContext.flowBeginTime
-
options.metricsContext.utmCampaign
-
options.metricsContext.utmContent
-
options.metricsContext.utmMedium
-
options.metricsContext.utmSource
-
options.metricsContext.utmTerm
Creates a new TOTP token for the user associated with this session.
Parameters:
-
sessionToken
StringSessionToken obtained from signIn
-
[options.metricsContext={}]
Object optionalMetrics context metadata
-
options.metricsContext.deviceId
Stringidentifier for the current device
-
options.metricsContext.flowId
Stringidentifier for the current event flow
-
options.metricsContext.flowBeginTime
Numberflow.begin event time
-
options.metricsContext.utmCampaign
Numbermarketing campaign identifier
-
options.metricsContext.utmContent
Numbercontent identifier
-
options.metricsContext.utmMedium
Numberacquisition medium
-
options.metricsContext.utmSource
Numbertraffic source
-
options.metricsContext.utmTerm
Numbersearch terms
deleteTotpToken
-
sessionToken
Deletes this user's TOTP token.
Parameters:
-
sessionToken
StringSessionToken obtained from signIn
deviceDestroy
-
sessionToken
-
deviceId
Unregister an existing device
Parameters:
-
sessionToken
StringSession token obtained from signIn
-
deviceId
StringUser-unique identifier of device
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
deviceList
-
sessionToken
Get a list of all devices for a user
Parameters:
-
sessionToken
StringsessionToken obtained from signIn
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
deviceRegister
-
sessionToken
-
deviceName
-
deviceType
-
[options={}]
Add a new device
Parameters:
-
sessionToken
StringUser session token
-
deviceName
StringName of device
-
deviceType
StringType of device (mobile|desktop)
-
[options={}]
Object optionalOptions
-
[deviceCallback]
String optionalDevice's push endpoint.
-
[devicePublicKey]
String optionalPublic key used to encrypt push messages.
-
[deviceAuthKey]
String optionalAuthentication secret used to encrypt push messages.
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
deviceUpdate
-
sessionToken
-
deviceId
-
deviceName
-
[options={}]
Update the name of an existing device
Parameters:
-
sessionToken
StringUser session token
-
deviceId
StringUser-unique identifier of device
-
deviceName
StringName of device
-
[options={}]
Object optionalOptions
-
[deviceCallback]
String optionalDevice's push endpoint.
-
[devicePublicKey]
String optionalPublic key used to encrypt push messages.
-
[deviceAuthKey]
String optionalAuthentication secret used to encrypt push messages.
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
getRandomBytes
()
Promise
Get 32 bytes of random data. This should be combined with locally-sourced entropy when creating salts, etc.
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
passwordChange
-
email
-
oldPassword
-
newPassword
-
[options={}]
Change the password from one known value to another.
Parameters:
-
email
String -
oldPassword
String -
newPassword
String -
[options={}]
Object optionalOptions
-
[keys]
Boolean optionalIf
true
, calls the API with?keys=true
to get a new keyFetchToken -
[sessionToken]
String optionalIf a
sessionToken
is passed, a new sessionToken will be returned with the sameverified
status as the existing sessionToken.
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
passwordChangeStart
-
email
-
oldPassword
-
[options={}]
First step to change the password.
Parameters:
-
email
String -
oldPassword
String -
[options={}]
Object optionalOptions
-
[skipCaseError]
Boolean optionalIf
true
, the request will skip the incorrect case error
-
Returns:
A promise that will be fulfilled with JSON of xhr.responseText
and oldUnwrapBKey
passwordForgotResendCode
-
email
-
passwordForgotToken
-
[options={}]
Re-sends a verification code to the account's recovery email address. HAWK-authenticated with the passwordForgotToken.
Parameters:
-
email
String -
passwordForgotToken
String -
[options={}]
Object optionalOptions
-
[service]
String optionalOpaque alphanumeric token to be included in verification links
-
[redirectTo]
String optionala URL that the client should be redirected to after handling the request
-
[resume]
String optionalOpaque url-encoded string that will be included in the verification link as a querystring parameter, useful for continuing an OAuth flow for example.
-
[lang]
String optionalset the language for the 'Accept-Language' header
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
passwordForgotSendCode
-
email
-
[options={}]
Used to ask the server to send a recovery code. The API returns passwordForgotToken to the client.
Parameters:
-
email
String -
[options={}]
Object optionalOptions
-
[service]
String optionalOpaque alphanumeric token to be included in verification links
-
[redirectTo]
String optionala URL that the client should be redirected to after handling the request
-
[resume]
String optionalOpaque url-encoded string that will be included in the verification link as a querystring parameter, useful for continuing an OAuth flow for example.
-
[lang]
String optionalset the language for the 'Accept-Language' header
-
[metricsContext={}]
Object optionalMetrics context metadata
-
deviceId
Stringidentifier for the current device -
flowId
Stringidentifier for the current event flow -
flowBeginTime
Numberflow.begin event time -
utmCampaign
Numbermarketing campaign identifier -
utmContent
Numbercontent identifier -
utmMedium
Numberacquisition medium -
utmSource
Numbertraffic source -
utmTerm
Numbersearch terms
-
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
passwordForgotStatus
-
passwordForgotToken
Returns the status for the passwordForgotToken. If the request returns a success response, the token has not yet been consumed.
Parameters:
-
passwordForgotToken
String
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
passwordForgotVerifyCode
-
code
-
passwordForgotToken
-
[options={}]
Submits the verification token to the server. The API returns accountResetToken to the client. HAWK-authenticated with the passwordForgotToken.
Parameters:
-
code
String -
passwordForgotToken
String -
[options={}]
Object optionalOptions
-
[accountResetWithRecoveryKey]
Boolean optionalverifying code to be use in account recovery
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
recoveryEmailCreate
-
sessionToken
-
email
Create a new recovery email for the signed in account.
Parameters:
-
sessionToken
StringSessionToken obtained from signIn
-
email
Stringnew email to be added
recoveryEmailDestroy
-
sessionToken
-
email
Remove the recovery email for the signed in account.
Parameters:
-
sessionToken
StringSessionToken obtained from signIn
-
email
Stringemail to be removed
recoveryEmailResendCode
-
sessionToken
-
[options={}]
Re-sends a verification code to the account's recovery email address.
Parameters:
-
sessionToken
StringsessionToken obtained from signIn
-
[options={}]
Object optionalOptions
-
[email]
String optionalCode will be resent to this email, only used for secondary email codes
-
[service]
String optionalOpaque alphanumeric token to be included in verification links
-
[redirectTo]
String optionala URL that the client should be redirected to after handling the request
-
[resume]
String optionalOpaque url-encoded string that will be included in the verification link as a querystring parameter, useful for continuing an OAuth flow for example.
-
[type]
String optionalSpecifies the type of code to send, currently only supported type is
upgradeSession
. -
[lang]
String optionalset the language for the 'Accept-Language' header
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
recoveryEmails
-
sessionToken
Get the recovery emails associated with the signed in account.
Parameters:
-
sessionToken
StringSessionToken obtained from signIn
recoveryEmailSetPrimaryEmail
-
sessionToken
-
email
Changes user's primary email address.
Parameters:
-
sessionToken
StringSessionToken obtained from signIn
-
email
StringEmail that will be the new primary email for user
recoveryEmailStatus
-
sessionToken
Parameters:
-
sessionToken
StringsessionToken obtained from signIn
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
rejectLoginAuthorizationCode
-
uid
-
unblockCode
Reject a login unblock code. Code will be deleted from the server and will not be able to be used again.
Parameters:
-
uid
StringAccount ID
-
unblockCode
Stringunblock code
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
replaceRecoveryCodes
-
sessionToken
Replace user's recovery codes.
Parameters:
-
sessionToken
StringSessionToken obtained from signIn
sendSms
-
sessionToken
-
phoneNumber
-
messageId
-
[options={}]
Send an sms.
Parameters:
-
sessionToken
StringSessionToken obtained from signIn
-
phoneNumber
StringPhone number sms will be sent to
-
messageId
StringCorresponding message id that will be sent
-
[options={}]
Object optionalOptions
-
[lang]
String optionalLanguage that sms will be sent in
-
[features]
Array optionalArray of features to be enabled for the request
-
[metricsContext={}]
Object optionalMetrics context metadata
-
deviceId
Stringidentifier for the current device -
flowId
Stringidentifier for the current event flow -
flowBeginTime
Numberflow.begin event time -
utmCampaign
Numbermarketing campaign identifier -
utmContent
Numbercontent identifier -
utmMedium
Numberacquisition medium -
utmSource
Numbertraffic source -
utmTerm
Numbersearch terms
-
-
sendUnblockCode
-
email
-
[options={}]
Send an unblock code
Parameters:
-
email
Stringemail where to send the login authorization code
-
[options={}]
Object optionalOptions
-
[metricsContext={}]
Object optionalMetrics context metadata
-
deviceId
Stringidentifier for the current device -
flowId
Stringidentifier for the current event flow -
flowBeginTime
Numberflow.begin event time -
utmCampaign
Numbermarketing campaign identifier -
utmContent
Numbercontent identifier -
utmMedium
Numberacquisition medium -
utmSource
Numbertraffic source -
utmTerm
Numbersearch terms
-
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
sessionDestroy
-
sessionToken
-
[options={}]
Destroys this session, by invalidating the sessionToken.
Parameters:
-
sessionToken
StringUser session token
-
[options={}]
Object optionalOptions
-
[customSessionToken]
String optionalOverride which session token to destroy for this same user
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
sessionReauth
-
sessionToken
-
email
-
password
-
[options={}]
Parameters:
-
sessionToken
StringsessionToken obtained from signIn
-
email
StringEmail input
-
password
StringPassword input
-
[options={}]
Object optionalOptions
-
[keys]
Boolean optionalIf
true
, calls the API with?keys=true
to get the keyFetchToken -
[skipCaseError]
Boolean optionalIf
true
, the request will skip the incorrect case error -
[service]
String optionalService being accessed that needs reauthentication
-
[reason]
String optionalReason for reauthentication. Can be one of:
signin
,password_check
,password_change
,password_reset
-
[redirectTo]
String optionala URL that the client should be redirected to after handling the request
-
[resume]
String optionalOpaque url-encoded string that will be included in the verification link as a querystring parameter, useful for continuing an OAuth flow for example.
-
[originalLoginEmail]
String optionalIf retrying after an "incorrect email case" error, this specifies the email address as originally entered by the user.
-
[verificationMethod]
String optionalRequest a specific verification method be used for verifying the session, e.g. 'email-2fa' or 'totp-2fa'.
-
[metricsContext={}]
Object optionalMetrics context metadata
-
deviceId
Stringidentifier for the current device -
flowId
Stringidentifier for the current event flow -
flowBeginTime
Numberflow.begin event time -
utmCampaign
Numbermarketing campaign identifier -
utmContent
Numbercontent identifier -
utmMedium
Numberacquisition medium -
utmSource
Numbertraffic source -
utmTerm
Numbersearch terms
-
-
[unblockCode]
String optionalLogin unblock code.
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
sessions
-
sessionToken
Get a list of user's sessions
Parameters:
-
sessionToken
StringsessionToken obtained from signIn
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
sessionStatus
-
sessionToken
Responds successfully if the session status is valid, requires the sessionToken.
Parameters:
-
sessionToken
StringUser session token
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
signIn
-
email
-
password
-
[options={}]
Parameters:
-
email
StringEmail input
-
password
StringPassword input
-
[options={}]
Object optionalOptions
-
[keys]
Boolean optionalIf
true
, calls the API with?keys=true
to get the keyFetchToken -
[skipCaseError]
Boolean optionalIf
true
, the request will skip the incorrect case error -
[service]
String optionalService being signed into
-
[reason]
String optionalReason for sign in. Can be one of:
signin
,password_check
,password_change
,password_reset
-
[redirectTo]
String optionala URL that the client should be redirected to after handling the request
-
[resume]
String optionalOpaque url-encoded string that will be included in the verification link as a querystring parameter, useful for continuing an OAuth flow for example.
-
[originalLoginEmail]
String optionalIf retrying after an "incorrect email case" error, this specifies the email address as originally entered by the user.
-
[verificationMethod]
String optionalRequest a specific verification method be used for verifying the session, e.g. 'email-2fa' or 'totp-2fa'.
-
[metricsContext={}]
Object optionalMetrics context metadata
-
deviceId
Stringidentifier for the current device -
flowId
Stringidentifier for the current event flow -
flowBeginTime
Numberflow.begin event time -
utmCampaign
Numbermarketing campaign identifier -
utmContent
Numbercontent identifier -
utmMedium
Numberacquisition medium -
utmSource
Numbertraffic source -
utmTerm
Numbersearch terms
-
-
[unblockCode]
String optionalLogin unblock code.
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
signUp
-
email
-
password
-
[options={}]
Parameters:
-
email
StringEmail input
-
password
StringPassword input
-
[options={}]
Object optionalOptions
-
[keys]
Boolean optionalIf
true
, calls the API with?keys=true
to get the keyFetchToken -
[service]
String optionalOpaque alphanumeric token to be included in verification links
-
[redirectTo]
String optionala URL that the client should be redirected to after handling the request
-
[preVerified]
String optionalset email to be verified if possible
-
[resume]
String optionalOpaque url-encoded string that will be included in the verification link as a querystring parameter, useful for continuing an OAuth flow for example.
-
[lang]
String optionalset the language for the 'Accept-Language' header
-
[metricsContext={}]
Object optionalMetrics context metadata
-
deviceId
Stringidentifier for the current device -
flowId
Stringidentifier for the current event flow -
flowBeginTime
Numberflow.begin event time -
utmCampaign
Numbermarketing campaign identifier -
utmContent
Numbercontent identifier -
utmMedium
Numberacquisition medium -
utmSource
Numbertraffic source -
utmTerm
Numbersearch terms
-
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
smsStatus
-
sessionToken
-
[options={}]
Get SMS status for the current user.
Parameters:
-
sessionToken
StringSessionToken obtained from signIn
-
[options={}]
Object optionalOptions
-
[country]
String optionalcountry Country to force for testing.
-
verifyCode
-
uid
-
code
-
[options={}]
Parameters:
-
uid
StringAccount ID
-
code
StringVerification code
-
[options={}]
Object optionalOptions
-
[service]
String optionalService being signed into
-
[reminder]
String optionalReminder that was used to verify the account
-
[type]
String optionalType of code being verified, only supports
secondary
otherwise will verify account/sign-in -
[marketingOptIn]
Boolean optionalIf
true
, notifies marketing of opt-in intent.
-
Returns:
A promise that will be fulfilled with JSON xhr.responseText
of the request
verifyTotpCode
-
sessionToken
-
code
-
[options.service]
Verify tokens if using a valid TOTP code.
Parameters:
-
sessionToken
StringSessionToken obtained from signIn
-
code
StringTOTP code to verif
-
[options.service]
String optionalService being used