Trusted Devices API
The Devices API manages trusted device functionality for "remember device" features.
Quick Navigation
Overview
This module provides:
- Device fingerprinting
- Device activation
- Device management and revocation
- Skip device activation option
Base Path
All device endpoints are prefixed with /api/v1/devices
Authentication
All endpoints require authentication:
Authorization: Bearer <access_token>
Devices Flow
The Trusted Devices API enables device fingerprinting and trust management for enhanced security. Users can activate trusted devices to streamline authentication experiences, especially for MFA flows.
Devices Flow Diagram
View Flow Diagram
Devices Flow Overview:
This flow diagram illustrates the trusted device management workflow. It shows how device fingerprinting works, device activation process, and how trusted devices can bypass MFA challenges.
Key Flow Components:
- Device Fingerprinting: System generates unique device fingerprint using IP, user agent, and additional device characteristics
- Device Activation: Users can activate devices during MFA verification to mark them as trusted
- Device Trust Check: Trusted devices can bypass MFA challenges for streamlined authentication
- Device Management: Users can view, manage, and revoke trusted devices for security
Internal Developer Notes:
- Device fingerprints are hashed for privacy and security
- Activation tokens expire after 5 minutes
- Trusted devices are linked to user accounts and can be revoked at any time
- Device trust status is checked during authentication flows
Endpoints
| Method | Endpoint | Description |
|---|---|---|
| POST | /activate | Activate trusted device |
| GET | / | List trusted devices |
| DELETE | /{device_id} | Revoke trusted device |
| POST | /skip | Skip device activation |
Internal Notes
- All endpoints are fully implemented
- Device fingerprinting uses IP, user agent, and additional fingerprint data
- Activation tokens expire after 5 minutes
- Devices are created during MFA verification with activation tokens
Swagger Documentation
Interactive API documentation available at: /docs#/devices