Username (ID)
Definition and Default Configuration
The username (ID) is considered a factor as well, though it will mostly serve for identifying a user as a first-step in order to continue the authentication with other non-unique factors (such as OTP or password for example).
To the Quasr platform, the username value has no semantic meaning; whether the end-user uses their email address, their real-name or a fictitious nickname makes no difference to Quasr. Quasr does not require the username value to be any sort of PII (Personal Identifiable Information).
The default allowed username value pattern is very flexible, allowing any character and a length between 1-100 characters. There is also no limitation on the character set - if a user prefers to use Chinese or Cyrllic characters, they can do so.
The default maximum failed attempts before the factor gets temporarily disabled is 5. The factor will auto-unlock after 300 seconds (5 minutes). The counter resets to 0 on each successful login.
Usernames are non-case-sensitive by default.
Usernames values are stored hashed, using the Argon2id algorithm.
User Interface (UI) Example
Below is a sample screenshot to give an idea of a potential login / registration page asking for a username. On a login or registration page, the username input field is usually represented by a single-line text field.
Signup with a username
To signup with a username, the actual username value (input parameter) and optionally a label (label parameter) is provided.
Enrolling a username factor
POST https://{tenant_id}.api.quasr.io/factors/signup
Request Body
input
String
ID value
label
String
Label
id*
String
Factor ID
{
"result": "FAILED",
"feedback": {
"cause": "INVALID_INPUT"
}
}Login with a username
To validate a username factor, the actual username value (input parameter) is provided.
Validating a username factor
POST https://{tenant_id}.api.quasr.io/factors/login
Request Body
input*
String
ID value
id*
String
Factor or Enrollment ID
{
"result": "SUCCESS",
"feedback": {
"cause": "",
"enrolment_id": "<enrollment_id>"
},
"session_token": "<session_token>",
"account_id": "<account_id>",
"session_score": <session_score>,
"session_exp": <session_expiration> // epoch in seconds (not ms)
}Factor Creation via Management API
A username factor is already available for all newly created tenants by default, however, if you want to add additional ID factors, you can do so via Tenant Administration UI or Admin API.
The following API sample calls create a username factor labelled "Another Username" with a score of 1.
The username factor allows for the following parameters and config options:
subtype
"secret:id"
label
<any string>
"Username"
status
"ENABLED" | "DISABLED"
"DISABLED"
score
<positive int>
1
config. regex
regex
"^.{1,100}$"
config.unique
true | false
true
config. case_sensitive
true | false
false
config. public_signup
true | false
false
config.threshold
0-4
0
config.require_validation_for_enablement
true | false
false
config.capture_input
true | false
false
GraphQL Example
// GraphQL Query (Sample)
mutation createFactor ($input: CreateFactorInput!) {
createFactor (input: $input) {
id
}
}
// GraphQL Variables (Sample)
{
"input": {
"subtype": "secret:id",
"regex": "^.{1,100}$",
"label": "My Username",
"status": "ENABLED",
"score": 1
}
}
// Response (Sample)
{
"data": {
"createFactor": {
"id": "678c0054-d57e-4e09-9e54-ef8deb4ddd72"
}
}
}Node.js Example
var axios = require('axios');
var data = JSON.stringify({
query: `mutation createFactor ($input: CreateFactorInput!) {
createFactor (input: $input) {
id
}
}`,
variables: {
"input": {
"subtype": "secret:id",
"regex": "^.{1,100}$",
"label": "Another ID",
"status": "ENABLED",
"score": 1
}
}
});
var config = {
method: 'post',
url: 'https://{tenant_id}.api.quasr.io/graphql',
headers: {
'Authorization': 'Bearer {access_token}',
'Content-Type': 'application/json'
},
data : data
};
axios(config)
.then(function (response) {
console.log(JSON.stringify(response.data));
})
.catch(function (error) {
console.log(error);
});Last updated