Learn how to get access token with MFA

1. Log in with your username and password with grant type in Postman or script.
   You will get a state_token instead of an access_token as a response.
2. Run a second request sending state_token or TOTP code with state_token grant type.
   You get an access_token as a response.

   Request

   PUT https://auth.reltio.com/oauth/token

   Table 1. Parameters

   Name		Required	Description
   Headers	Authorization	Yes	Bearer {{token}}
   Body	form-data	Yes	QR code verification details.

   Request

   username:{{your username}}
   password:{{password}}
   grant_type:password

   Note: {{token}} in the headers refer to a client_id:client_secret that has password grant_type defined. This client credential is used to identify your client application. No permissions are required under this client. For more details, see topic Creating client credentials.

   

   Response

   200 Ok as the HTTP status code

   {
       "expires_in": 599,
       "state_token": {
           "mfaType": "AUTHENTICATOR",
           "expires_in": "600",
           "status": "ENROLL",
           "token": "fa7e4518-ad20-4e15-b386-0343b241fe50"
       }
   }

3. Obtain an access token with the state_token and submit an OTP code.
   Note: If you are enrolled in app-based MFA, you get the OTP on your mobile phone app. If you are enrolled in email-based MFA, you receive the OTP in your email.

   Request

   POST https://auth.reltio.com/oauth/token

   Request

   state_token:{{state_token from previous request}}
   totp:{{OTP code}}
   grant_type:state_token

   

   Response

   {
       "access_token": "s.AAALQii1L...39DCbQBHmOdw",
       "token_type": "bearer",
       "refresh_token": "fa7e5817-0bf6-461c-97ab-c6b7a9e0f556",
       "expires_in": 3598,
       "scope": "clients_api configuration_api entities_api graphs_api groups_api interactions_api relations_api users_api"
   }