Generate an on-demand auth challenge during login
This topic describes the endpoint and parameters used to generate an on-demand authentication challenge for a given username.
You can use the {{baseUrl}}/login endpoint in combination with the following parameters to redirect a user to an MFA webview in order to complete additional authentication challenges.
| Parameter | Data type | Description |
|---|---|---|
| username | string | Set the value to the username a user logs in with. |
| challengeView | boolean | Redirects the user to an MFA challenge webview when you set it to true. |
This is helpful if the user has completed a primary authentication challenge through a third-party identity service and you want to use CyberArk Identity Adaptive MFA to enforce additional authentication mechanisms without asking end users to re-enter their username.
Refer to the product documentation for details about enforcing MFA for users.
Example usage
Go to the {{baseUrl}}/login endpoint and add values for the username and challengeView query parameters, as shown in the following example.
https://mytenant.my.idaptive.app/[email protected]&challengeView=true
The response is an MFA challenge webview.
Updated over 2 years ago