Skip to content
API References
/
Authentication API
/
/
API v1 user validation

iVALT Authentication APIs (1.0.0)

The iVALT Authentication APIs provide secure, real-time user verification and session management through a single 1-Click experience. These APIs allow developers to authenticate users using mobile biometrics, device identity, and contextual factors such as location, IP, time window, and organization-defined rules.

Core Capabilities:

  • Verify user identity and device trust
  • Generate and validate authentication tokens
  • Submit biometric and geo-fence data for evaluation
  • Retrieve pass/fail results with factor-level detail
  • Enforce custom authentication policies defined in the iVALT Admin Portal

Use these endpoints to embed iVALT’s secure authentication workflow directly into your web or mobile applications.

Download OpenAPI description
Auth_Apis.json
Auth_Apis.yaml
Overview
URL
https://ivalt.com/support
iVALT Developer Support
support@ivalt.com
License
Proprietary and Confidential
Terms of Service
Languages
Servers
Mock server
https://api-docs.ivalt.com/_mock/products/authentication/auth_apis/
Production server
https://api.ivalt.com/admin/public/api/

Auth Apis

Auth includes operations for verifying user credentials, managing session tokens, handling biometric validations, and enforcing geo-fencing rules. These APIs ensure secure and compliant access control for both users and administrators within the system.

Operations

Global REST authentication validation

Request

Validates global REST authentication tokens associated with users.

Security
ApiKeyAuth
Bodyapplication/json

User mobile and authentication token for validation

mobilestringrequired

Mobile of post /validate/global/rest/auth request.

Example: "6283974746"
auth_tokenstringrequired

Auth token of post /validate/global/rest/auth request.

curl -i -X POST \
  https://api-docs.ivalt.com/_mock/products/authentication/auth_apis/validate/global/rest/auth \
  -H 'Content-Type: application/json' \
  -H 'x-api-key: YOUR_API_KEY_HERE' \
  -d '{
    "mobile": "+916283974746",
    "auth_token": "Sample_Token_Example"
  }'

Responses

Global REST authentication validated successfully

Bodyapplication/json
statusstringrequired

Outcome of the request. Always success for 2xx responses.

Value"success"
Example: "success"
messagestringrequired

Short description of the successful operation outcome.

Example: "Operation completed successfully"
Response
application/json
{
  "status": "success",
  "message": "Global REST authentication validation"
}

API v1 user validation

Request

Validates user identity using face authentication and auth tokens for API version 1.

Security
ApiKeyAuth
Bodyapplication/json

Face authentication token and auth token

face_auth_tokenstringrequired

Face auth token of post /api/v1/validate/user request.

auth_tokenstringrequired

Auth token of post /api/v1/validate/user request.

curl -i -X POST \
  https://api-docs.ivalt.com/_mock/products/authentication/auth_apis/api/v1/validate/user \
  -H 'Content-Type: application/json' \
  -H 'x-api-key: YOUR_API_KEY_HERE' \
  -d '{
    "face_auth_token": "Sample_Token_Example",
    "auth_token": "Sample_Token_Example"
  }'

Responses

User successfully validated

Bodyapplication/json
statusstringrequired

Outcome of the request. Always success for 2xx responses.

Value"success"
Example: "success"
messagestringrequired

Short description of the successful operation outcome.

Example: "Operation completed successfully"
Response
application/json
{
  "status": "success",
  "message": "API v1 user validation"
}

API v1 authentication

Request

Authenticates client using client ID and secret for API version 1.

Security
ApiKeyAuth
Bodyapplication/json

Client credentials for authentication

client_secretstringrequired

Client secret of post /api/v1/auth request.

client_idstringrequired

Client id of post /api/v1/auth request.

curl -i -X POST \
  https://api-docs.ivalt.com/_mock/products/authentication/auth_apis/api/v1/auth \
  -H 'Content-Type: application/json' \
  -H 'x-api-key: YOUR_API_KEY_HERE' \
  -d '{
    "client_secret": "Sample_Client_token",
    "client_id": "Sample_ClientId"
  }'

Responses

Client authenticated successfully

Bodyapplication/json
statusstringrequired

Outcome of the request. Always success for 2xx responses.

Value"success"
Example: "success"
messagestringrequired

Short description of the successful operation outcome.

Example: "Operation completed successfully"
Response
application/json
{
  "status": "success",
  "message": "API v1 authentication"
}