Authentication

Authentication controls the log in/log out process for all SDP users, as well as the token refresh process. Authentication uses a JWT approach signed with an ES256 private key.

📄️ Log In

Allows credentialed SDP users to log in to the SDP dashboard with a password. Note: all passwords must be at least 8 characters long and a combination of uppercase letters, lowercase letters, numbers, and symbols.

📄️ Refresh Token

A user’s token expires after 15 minutes. This endpoint handles refreshing the user’s token without disrupting their experience. It is triggered within the 30-second window before the token expires.

📄️ Provide Multi-Factor Authentication

Governs the multi-factor authentication process for SDP user login, including the ability to remember the device so MFA is not always required.

📄️ Forgot Password

Sends an email with a token to an SDP user who has gone through the Forgot Password process.

📄️ Reset Rassword

Allows an SDP user who has gone through the Forgot Password process to set their new password with a token sent via email.