The purpose of using a 2FA method is to authenticate the user with an external method.
The TFA API uses existing communication applications like Telegram to exchange the 2FA codes with the end-user.
The flow to enable and use TFA for 2FA in your application is the following:
- Your application creates a user through its own internal process
- To activate TFA, your application makes a 'Set User' request to the TFA side with your user ID and the authentication method. Currently, only 'telegram' is supported
- The response includes a link and a QR code. Use one or both to let the user open the messaging application, for example Telegram
- The end-user opens the Telegram application from the link or QR code and receives a 2FA code
- Your application should collect that code and call 'Validate Code' to confirm its validity. If the code is invalid, a call to 'Resend Code' will deliver a new code to the end-user
- If the code is valid, you can activate 2FA for that end-user
[Image: SecurifyBot after the user clicks on the Telegram link or opens the QR code and confirms the Telegram ID by pressing 'START']
To validate additional operations after the TFA is active, your application should:
- Call 'Resend Code' to send a new code to the end-user
- Your application should collect that code and call 'Validate Code' to confirm its validity. If the code is invalid, a call to 'Resend Code' will deliver a new code to the end-user
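The two flows above (activation and later operations), as an added example that is not taken from the TFA documentation. `FakeTFA` is a hypothetical in-memory stand-in for the 'Set User', 'Validate Code' and 'Resend Code' operations; its method names, arguments, return values, the single-use codes and the `max_attempts` cap are all assumptions.

```python
import secrets

class FakeTFA:
    """In-memory stand-in for 'Set User', 'Validate Code' and 'Resend Code'.
    Method names, arguments and return values are assumptions, not the real API."""

    def __init__(self):
        self.codes = {}  # user_id -> code currently awaiting validation

    def _issue(self, user_id):
        # The real service delivers the code over Telegram; here it is only stored.
        self.codes[user_id] = f"{secrets.randbelow(10**6):06d}"

    def set_user(self, user_id, method):
        if method != "telegram":  # only 'telegram' is supported per the page
            raise ValueError("unsupported authentication method")
        self._issue(user_id)
        return {"link": f"https://tfa.example.invalid/{user_id}", "qr": "<constructed>"}

    def validate_code(self, user_id, code):
        expected = self.codes.get(user_id, "")
        ok = bool(expected) and secrets.compare_digest(expected.encode(), code.encode())
        if ok:
            del self.codes[user_id]  # assumption: a code is accepted once
        return ok

    def resend_code(self, user_id):
        self._issue(user_id)


def confirm(tfa, user_id, read_code, max_attempts=3):
    """Collect a code and validate it; on failure resend, up to max_attempts tries."""
    for attempt in range(1, max_attempts + 1):
        if tfa.validate_code(user_id, read_code()):
            return True
        if attempt < max_attempts:
            tfa.resend_code(user_id)  # the old code is replaced, not kept valid
    return False  # caller must leave 2FA inactive / refuse the operation


def enroll(tfa, user_id, read_code):
    """Activation flow: returns True only if 2FA may be switched on for the user."""
    tfa.set_user(user_id, "telegram")  # show the returned link and QR code here
    return confirm(tfa, user_id, read_code)


def authorize_operation(tfa, user_id, read_code):
    """Flow for later operations: a fresh code is sent before each validation."""
    tfa.resend_code(user_id)
    return confirm(tfa, user_id, read_code)
```

`read_code` is whatever callable your application uses to collect the code the end-user typed in.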