Authentication API
Secure user authentication, authorization, and access control for industrial systems
Overview
The Authentication API provides comprehensive security capabilities for industrial automation systems, featuring JWT-based authentication, role-based access control (RBAC), multi-factor authentication, and enterprise-grade security features for manufacturing environments.
Core Features
- JWT-based authentication
- Role-based access control (RBAC)
- Multi-factor authentication (MFA)
- Session management
- API key authentication
- Audit trail logging
Security Standards
- OAuth 2.0 compatible
- Industry-standard encryption
- SOC 2 Type II compliance
- GDPR privacy protection
- NIST cybersecurity framework
- Industrial security protocols
Enterprise Ready
Production-ready authentication system with enterprise-grade security features and compliance support.
Authentication
User Login
Authenticate user credentials and receive JWT tokens for API access. Uses OAuth2 password flow with form data.
Request Body (form-urlencoded)
# user@example.com is a placeholder address.
# Single quotes keep the shell from interpreting '!' and '&' in the body.
curl -X POST "/v1/auth/login" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d 'username=user@example.com&password=SecurePass2024!&client_id=123456'
# Fields:
# - username: Email or username (required)
# - password: User password (required)
# - client_id: TOTP code if MFA enabled (optional)
Successful Login Response
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "bearer",
  "expires_in": 1800,
  "user": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "username": "operator_123",
    "email": "[email protected]",
    "full_name": "John Operator",
    "user_type": "operator",
    "status": "active",
    "department": "production",
    "organization_id": "org_123",
    "is_system_admin": false,
    "mfa_enabled": true,
    "current_plan": "professional",
    "subscription_status": "active",
    "created_at": "2024-01-15T10:30:00Z",
    "last_login": "2024-08-26T14:30:00Z"
  }
}
User Registration
Register a new user account with role assignment and security setup.
Registration Request
{
  "username": "maintenance_tech_456",
  "email": "[email protected]",
  "password": "SecurePass2024!",
  "full_name": "Jane Technician",
  "user_type": "technician",
  "department": "maintenance",
  "employee_id": "EMP-2024-456",
  "phone": "+1-555-0123"
}
User Management
Get Current User Profile
Retrieve detailed profile information for the authenticated user.
Headers Required
User Profile Response
{
  "user": {
    "id": "user_123",
    "username": "operator_123",
    "email": "[email protected]",
    "full_name": "John Operator",
    "user_type": "operator",
    "status": "active",
    "department": "production",
    "employee_id": "EMP-2024-123",
    "phone": "+1-555-0456",
    "is_system_admin": false,
    "mfa_enabled": true,
    "created_at": "2024-01-15T10:30:00Z",
    "last_login": "2024-08-26T14:30:00Z"
  },
  "permissions": [
    "machines:read:assigned",
    "machines:operate:assigned",
    "components:read:assigned",
    "documents:read:public"
  ],
  "assigned_machines": [
    "machine_123",
    "machine_456"
  ]
}
Security Features
Multi-Factor Authentication
Set up multi-factor authentication for enhanced security.
MFA Setup Request
{
  "mfa_method": "totp",
  "backup_methods": ["sms", "email"],
  "phone_number": "+1-555-0123"
}
MFA Setup Response
{
  "mfa_enabled": true,
  "primary_method": "totp",
  "qr_code_url": "https://api.ffo.com/auth/mfa/qr/user_123",
  "backup_codes": [
    "123456789",
    "987654321",
    "456789123"
  ]
}
Session Management
Logout Current Session
Log out of the current session and invalidate the access token.
Response
{
  "message": "Successfully logged out"
}
Logout All Sessions
Log out of all active sessions across all devices.
Response
{
  "message": "Successfully logged out from all sessions"
}
API Key Management
Create API Key
Create a new API key for programmatic access.
API Key Creation Request
{
  "name": "Production Monitoring System",
  "expires_days": 90
}
API Key Creation Response
{
  "api_key": "ffo_ak_1a2b3c4d5e6f7g8h9i0j1k2l3m4n5o6p7q8r9s0t",
  "expires_at": "2024-11-26T17:30:00Z",
  "created_at": "2024-08-26T17:30:00Z",
  "name": "Production Monitoring System"
}
⚠️ Store this API key securely. It will not be shown again.
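One way to act on that warning, as an added example that is not part of the original page or the API's own code: write the key from a creation response to an owner-only file, keep only a fingerprint and the expiry in an inventory record, and flag the key for rotation before expires_at. The function names, the file-based storage and the 14-day warning window are assumptions; SAMPLE_RESPONSE reuses the page's sample response as constructed input.

```python
import hashlib
import os
from datetime import datetime, timedelta
from pathlib import Path

# Constructed input: the sample key creation response from this page.
SAMPLE_RESPONSE = {
    "api_key": "ffo_ak_1a2b3c4d5e6f7g8h9i0j1k2l3m4n5o6p7q8r9s0t",
    "expires_at": "2024-11-26T17:30:00Z",
    "created_at": "2024-08-26T17:30:00Z",
    "name": "Production Monitoring System",
}


def fingerprint(api_key: str) -> str:
    """Short SHA-256 fingerprint, safe to log or keep in an inventory."""
    return hashlib.sha256(api_key.encode()).hexdigest()[:16]


def store_api_key(response: dict, directory: Path) -> Path:
    """Write the key to an owner-only file; refuse to overwrite an existing one."""
    path = directory / f"{fingerprint(response['api_key'])}.key"
    # O_EXCL fails if the file already exists; mode 0o600 applies from
    # creation, so the secret is never briefly readable by other local users.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        os.fchmod(fh.fileno(), 0o600)  # enforce the mode regardless of umask
        fh.write(response["api_key"])
    return path


def inventory_record(response: dict) -> dict:
    """Metadata to keep alongside the key file; contains no secret material."""
    return {
        "name": response["name"],
        "fingerprint": fingerprint(response["api_key"]),
        "expires_at": response["expires_at"],
    }


def rotation_due(response: dict, now: datetime, warn_days: int = 14) -> bool:
    """True once a timezone-aware `now` is within warn_days of expires_at."""
    expires = datetime.fromisoformat(response["expires_at"].replace("Z", "+00:00"))
    return now >= expires - timedelta(days=warn_days)
```

On hosts with a secrets manager, the same split applies: the key goes into the manager and only the inventory record is kept in logs or configuration.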
Compliance & Standards
The Authentication API is designed to meet industry-standard security and compliance requirements for industrial automation and manufacturing environments.
Security Standards
- OAuth 2.0 / OpenID Connect
- JWT (RFC 7519) token standard
- OWASP security guidelines
- NIST Cybersecurity Framework
- ISO 27001 information security
- AES-256 data encryption
Industrial Compliance
- IEC 62443 industrial cybersecurity
- NERC CIP critical infrastructure
- GDPR privacy protection
- SOC 2 Type II compliance
- Comprehensive audit logging
- Zero-trust architecture