Multi factor authentication for Mendix rest API

Hi Experts, We have a rest api published from Mendix and it is being used by third party systems. Currently we have user id and password as authentication mechanism to access this api. Because of security reasons we are asked to implement multifactor authentication mechanism to access this api. Could you please help with steps to implement multi factor authentication for rest api?   Thanks for your help in advance!   Veera
1 answers

We have encountered a similar situation and handled by performing the below specified steps.

  1. Generate a key pair along with the passphrase and associate to the user account or webservice user.
  2. Setup an endpoint that returns a token with Private Key, Passphrase and user id as inputs. (By this way, we are not exposing user credentials.). We’ve used jwt token with 30 mins expiry interval.
  3. Service consumer can now invoke specific endpoints with the bearer token in the Auth Header. The token can be validated and appropriate response can be provided.

Passphrase and Private key together constitute a two factor authentication in our case.