<no title> — GNU Taler

POST /management/instances/$INSTANCE/auth#

POST [/instances/$INSTANCE]/private/auth#

Update the authentication settings for an instance. POST operations against an instance are authenticated by checking that an authorization is provided that matches either the credential required by the instance being modified OR the admin instance, depending on the access path used.

Required permission: instances-auth-write

Request the request must be an InstanceAuthConfigurationMessage.

Response:

202 Accepted:: 2FA is required for this operation. This returns the ChallengeResponse response. @since v21
204 No content:: The backend has successfully changed the credentials for the instance.
401 Unauthorized:: The request is unauthorized.
403 Forbidden:: MFA channels are not available for this instance. Returned with TALER_EC_MERCHANT_GENERIC_MFA_MISSING.
404 Not found:: This instance is unknown and thus cannot be reconfigured. Returned with TALER_EC_MERCHANT_GENERIC_INSTANCE_UNKNOWN.
413 Request entity too large:: The uploaded body is to long, it exceeds the size limit. Returned with an error code of TALER_EC_GENERIC_UPLOAD_EXCEEDS_LIMIT.
500 Internal Server Error:: The server experienced an internal failure. Returned with TALER_EC_GENERIC_DB_START_FAILED, TALER_EC_GENERIC_DB_FETCH_FAILED or TALER_EC_GENERIC_DB_COMMIT_FAILED.

Details:

type InstanceAuthConfigurationMessage = InstanceAuthConfigToken | InstanceAuthConfigTokenOLD | InstanceAuthConfigExternal

// @since **v19**
interface InstanceAuthConfigToken {
  // The API is accessible through API tokens.
  // Tokens are retrieved from the /private/token
  // endpoint.
  method: "token";

  // Authentication against the /private/token endpoint
  // is done using basic authentication with the configured password
  // in the "password" field. Tokens are passed to other endpoints for
  // authorization using RFC 8959 bearer tokens.
  password: string;

}

// @deprecated since **v19**
interface InstanceAuthConfigTokenOLD {
  // The API is accessible through API tokens.
  // Tokens are retrieved from the /private/token
  // endpoint.
  method: "token";

  // The value of this field MUST begin with the string "secret-token:".
  token: string;

}

// @deprecated since **v20**
interface InstanceAuthConfigExternal {
  // The mechant backend does not do
  // any authentication checks.  Instead an API
  // gateway must do the authentication.
  method: "external";
}

Contents