
How to get an admin token from REST API when 2FA is enabled and using U2F?

Magento 2.4.2-p2

Greetings,

I’m interested in getting an admin token from the REST API when 2FA is enabled and U2F is used as the authentication provider.
I have a small application running on another server that modifies some Product attributes from time to time. This application needs the admin token for authentication.

I have configured 2FA successfully and can log in via U2F (YubiKey) to the adminhtml.
However, I cannot find any documentation on how to authenticate through the REST API using U2F.

Here is the documentation on how this would work with Google Authenticator: https://devdocs.magento.com/guides/v2.4/rest/tutorials/prerequisite-tasks/create-admin-token.html

I have found some endpoints in the REST API docs that seem to correspond to the u2fkey authorization (search for u2fkey). In particular, https://magento.redoc.ly/2.4.3-admin/tag/tfaprovideru2fkeyauthentication-challenge seems to be a starting point, but I cannot figure out how to deal with the response.

I am grateful for any help or push that will lead me in the right direction.

Another concern of mine is that I probably have to provide the OTP every time the admin token expires. Am I right? I really don’t want to increase the lifetime of admin tokens (default is 4 hours) for security reasons. Maybe this restriction requires a completely different solution than using 2FA over the REST API.

Thanks, Densen