List Trusted Devices
Get all trusted devices for the current authenticated user.
Description
The List Trusted Devices endpoint retrieves all devices that have been marked as trusted for the authenticated user's account. This endpoint provides visibility into all devices that can bypass MFA challenges, allowing users to review and manage their trusted device list for security purposes.
This endpoint is part of the Trusted Devices API and is essential for device security management. Users can review their trusted devices to identify any suspicious or unauthorized devices and revoke access if needed.
Use Cases
- Security Audit: Review all trusted devices to ensure only authorized devices have bypass privileges
- Device Management: Identify and manage devices that can skip MFA verification
- Security Monitoring: Track when devices were activated and last used to detect unusual activity
- Access Control: Review device list before revoking specific devices
Workflow Context
This endpoint is typically used:
- After activating a new device to verify it was added successfully
- Periodically for security audits to review trusted devices
- Before revoking a device to identify the correct device ID
- When investigating suspicious login activity
Prerequisites
- User must be authenticated with a valid access token
- User must have at least one trusted device to see results (empty list if none)
Quick Navigation
Endpoint
GET /api/v1/devices/
Headers
| Header | Required | Description |
|---|---|---|
Authorization | Yes | Bearer <access_token> |
Response
Success (200)
{
"success": true,
"data": {
"devices": [
{
"id": 789,
"device_name": "Chrome on Windows",
"device_fingerprint": "abc123...",
"user_agent": "Mozilla/5.0...",
"ip_address": "192.168.1.1",
"is_active": true,
"created_at": "2024-01-01T12:00:00Z",
"last_used_at": "2024-01-01T13:00:00Z"
}
],
"total_count": 2
},
"message": "Trusted devices retrieved successfully"
}
Features
- Complete Device List: Returns all active trusted devices for the authenticated user
- Device Information: Includes device name, fingerprint, user agent, and IP address for identification
- Activity Tracking: Shows when devices were created and last used for security monitoring
- Activation Status: Indicates which devices are currently active and trusted
- Security Metadata: Provides device fingerprint and location information for security audits
Response Fields
| Field | Type | Description |
|---|---|---|
devices | array | Array of trusted device objects |
devices[].id | integer | Unique device identifier. Use this ID to revoke the device if needed. |
devices[].device_name | string | Human-readable name for the device, typically derived from user agent and system information |
devices[].device_fingerprint | string | Unique device fingerprint hash used for device identification and security |
devices[].user_agent | string | Browser or client user agent string from when the device was activated |
devices[].ip_address | string | IP address from when the device was activated |
devices[].is_active | boolean | Whether the device is currently active and trusted |
devices[].created_at | string (ISO 8601) | Timestamp when the device was activated |
devices[].last_used_at | string (ISO 8601) | Timestamp when the device was last used for authentication |
total_count | integer | Total number of trusted devices for the user |
Example
curl -X GET https://api.rivergen.com/api/v1/devices/ \
-H "Authorization: Bearer <access_token>"
Related Endpoints
- Activate Device - Activate a new device after MFA verification
- Revoke Device - Remove device trust for security purposes
- Skip Activation - Skip device activation during MFA flow
See Also
- Trusted Devices API Overview - Complete guide to device management and workflows
- Authentication Concepts - Understanding authentication and token management
- MFA API Overview - Multi-factor authentication setup and management
- Sessions API - Managing active authentication sessions