Two factor authentication for Web Sites

Introduction

LoginTC Web makes it easy for developers to add multi-factor to their websites and portals via the LoginTC REST API.

Prerequisites

Before proceeding, please ensure you have the following:

API Domain Creation

If you have already created a LoginTC domain, then you may skip this section and proceed to Development.

  1. Log in to LoginTC Admin
  2. Click Domains:
  3. Click Add Domain: Create Domain
  4. Enter a name and optionally pick an icon Create Domain Form
  5. Scroll down and click Create

Use Default Domain Settings

Domain settings can be modified at any time by navigating to Domains > Your Domain > Settings.

Deployment

  1. Get your organization API Key and Domain ID

    • Go to your LoginTC Admin account.
    • API Key: Click Settings, to get your 64-character API Key. This is how the client identifies itself with Admin.
    • Domain ID: Click Domains > Your Domain > Settings to get your 40-character Domain ID. This is how you identify which domain you are operating on.
  2. Instantiate the LoginTC client:

    $api_key = 'YOUR_API_KEY';
      
      $logintc = new LoginTC($api_key);
  3. Create a session:

    $domain_id = 'YOUR_DOMAIN_ID';
      $username = 'usertest';
      
      $session = $logintc->createSessionWithUsername($domain_id, $username);
    • Now a request has been sent to the user’s device
  4. Poll the state of the session:

    $t = time();
      $timeout = 45;
      $response = null;
      while( (time() - $t) < $timeout ) {
          $polled_session = $logintc->getSession($domain_id, $session->getId());
      
          if($polled_session->getState() != 'pending') {
              break;
          }
      
          sleep(1); // wait 1s
      }
  5. Check final state of the session:

    if($polled_session->getState() === 'denied') {
          // denied or timeout
      }
      
      if($polled_session->getState() === 'approved') {
          // user authenticated!
          // log user in
      }

Complete end-to-end example (PHP)

<?php
  
  require_once("LoginTC.php");
  
  try {
  
      /*
       * instantiate the LoginTC client
       */
  
      $api_key = 'YOUR_API_KEY';
  
      $logintc = new LoginTC($api_key);
  
      /*
       * create a session
       */
  
      $domain_id = 'YOUR_DOMAIN_ID';
      $username = 'usertest';
  
      $session = $logintc->createSessionWithUsername($domain_id, $username);
  
      /*
       * poll the state of the session
       */
  
      $t = time();
      $timeout = 45;
      $response = null;
      while( (time() - $t) < $timeout ) {
  
          $polled_session = $logintc->getSession($domain_id, $session->getId());
  
          if($polled_session->getState() != 'pending') {
              break;
          }
  
          sleep(1); // wait 1s
      }
  
      /*
       * check final state of the session
       */
  
      if($polled_session->getState() === 'denied') {
          // denied or timeout
      }
  
      if($polled_session->getState() === 'approved') {
          // user authenticated!
          // log user in here
      }
  
  } catch(LoginTCException $exception) {
      die($exception->getMessage());
  }
  
  
  ?>

User Management

There are several options for managing your users within LoginTC: