Login API with user has 2FA activate

castris · October 10, 2023, 11:14am

I’m trying to configure my accounting app, and I need to access my Ninja v5 installation.

Following the documentation I have been able to access it without problem, except that if the user used has 2FA, I get a 401

{
     "message": "Invalid one time password"
}

If I deactivate 2fa, I access perfectly.

I only see in the doc a strange endpoint whose value I cannot see since if I am not logged in or have an access token, I don’t know how to use it.

I’m working with Postman for test API endpoints over hosted version v5.6.4-C121

hillel · October 10, 2023, 11:35am

Hi,

If 2FA is enabled the /login route requires a one time password.

Is there a reason you’re using that route?

castris · October 10, 2023, 11:47am

Hi.

I use this route for get token for use in my apap.

My app connects with one InoviceNinja installation, and get clients, invoices, and process in my app, for synchro with my cloud accounting program, sage.

For this, I need a token X-API-TOKEN and this is on this route after login.

Is correct?

hillel · October 10, 2023, 11:49am

Why not create an API token from within the app?

Note: if you’re connecting to a separate app please review the license.

castris · October 10, 2023, 12:07pm

Hi.

A lot of thanks

I see my mistake. X-API-TOKEN is same that I use in login.
The other endpoints of API only need this token.

Over license, is a personal app created in Laravel to connect another provider, API (OVH), API of WHMCS (for hosting business), and other businesses (mine) with an InvoiceNinja as invoice system, and get data y process for upload and synchro to my owned account is Sage Cloud.

I think no problem with a license for this uses.

Appreciate for you help

hillel · October 10, 2023, 12:09pm

Sounds good, let us know if you have any other questions.