In CodeB, the mobile device serves as the Identity Provider (IdP) when equipped with any CodeB Apps. To verify keys directly from the mobile device, utilize the “MobileJWKS” Web Services API.
API Endpoint:<BaseURL>/ws/mobile.asmx?op=MobileJWKS
Demo Server Example:https://auth.codeb.io/ws/mobile.asmx?op=MobileJWKS
Required Parameters:
- phoneNumber: The international phone number of the device with the CodeB App.
- CodeBApp: Specifies the CodeB App installed as each app has its keystore. Options include “authenticator”, “signator”, and “sms”. If unspecified, the API auto-selects.
- BearerToken: A valid token with the necessary permissions is required for authorization to request the keystore. Such token can be requested with the function MobileToken.
This API ensures secure and direct key verification from mobile devices running CodeB Apps, enhancing the integrity and reliability of the authentication process.