{"_id":"599476bbc0cd1c00192452a5","project":"55db8f8f1a91690d007ad975","version":{"_id":"55db8f901a91690d007ad978","project":"55db8f8f1a91690d007ad975","__v":17,"createdAt":"2015-08-24T21:41:36.034Z","releaseDate":"2015-08-24T21:41:36.034Z","categories":["55db8f901a91690d007ad979","55db9856b3d6540d00886426","55dc751b00a8811900c230e3","55dc766255be9f21004ee250","55dc769200a8811900c230ed","55e4c701177b6e0d003330fa","55f4915caf0bc71900a53130","55f491b2be9c2b2100f0635d","560b22739c7be70d00100bd8","57488c53e8c6a420000b729c","574cefd95953e20e00f40f9f","5798edfd7700d30e00ad250c","579ac88234b5fd0e00b9e140","57c81c6d690c200e0047b72e","57d9b8fbda17c30e003897f1","57d9b90e608ea00e00f358d8","57d9b91cda17c30e003897f4"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"category":{"_id":"560b22739c7be70d00100bd8","pages":["560b229caf40a70d003df309","56bcb2cf9afb8b0d00d62df6"],"project":"55db8f8f1a91690d007ad975","version":"55db8f901a91690d007ad978","__v":2,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-09-29T23:44:51.456Z","from_sync":false,"order":6,"slug":"advanced-configurations","title":"Advanced configurations"},"user":"573de28a844afa29000d5c3a","githubsync":"","__v":0,"parentDoc":null,"updates":[],"next":{"pages":[],"description":""},"createdAt":"2017-08-16T16:45:47.741Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":8,"body":"In most cases, the IMMUNIO agent will automatically instrument your app to detect all supported threat types.\n\nIf your app uses some features or libraries that Immunio does not yet support, you can still get full protection by calling the Immunio API from your app code to provide any missing information.\n[block:api-header]\n{\n  \"title\": \"Authentication Related API\"\n}\n[/block]\nThe Authentication API enables the application to notify the Immunio Agent when a user fails to or succeeds to log in, as well as when the user logs off. These 3 simple API calls enables Immunio to protect the application against bruteforce and other account take over attacks.\n\nTo use the Authentication API, do the following:\n  * Create a property in your account / authentication code, for accessing the Immunio Authentication API \n  * Call the Login Authentication API when the user successfully logs in\n  * Call the FailedLogin Authentication API when the user fails to log in\n  * Call the Logout Authentication API when the user logs out \n\nImmunio also enables to protect against excessive attempts to create accounts or reset password. To use the Authentication API for these functions, do the following:\n  * Call the AccountCreated API when the user successfully created an account\n  * Call the PasswordReset API when the user successfully reset the password\n  * Call the FailedPasswordReset API when the user attempts to reset the password but fails to do so\n\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"Immunio.Authentication.Login(user_name, id, email)\",\n      \"language\": \"csharp\",\n      \"name\": \"Login API\"\n    }\n  ]\n}\n[/block]\nIndicates to the Immunio Agent that the user successfully logged in. \nAttributes:\n  * User name  : mandatory\n  * id                 : optional\n  * email           : optional \n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"Immunio.Authentication.FailedLogin(user_name, id, email)\",\n      \"language\": \"csharp\",\n      \"name\": \"FailedLogin API\"\n    }\n  ]\n}\n[/block]\nIndicates to the Immunio Agent that the user attempted to log in, but didn't succeed. \nAttributes:\n  * User name  : mandatory\n  * id                 : optional\n  * email           : optional \n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"Immunio.Authentication.Logout(user_name, id, email)\",\n      \"language\": \"csharp\",\n      \"name\": \"Logout API\"\n    }\n  ]\n}\n[/block]\nIndicates to the Immunio Agent that the user logged out. \nAttributes:\n  * User name  : mandatory\n  * id                 : optional\n  * email           : optional \n\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"Immunio.Authentication.AccountCreated(user_name, id, email)\",\n      \"language\": \"csharp\",\n      \"name\": \"AccountCreated API\"\n    }\n  ]\n}\n[/block]\nIndicates to the Immunio Agent the user successfully created an account.\nAttributes:\n  * User name  : mandatory\n  * id                 : optional\n  * email           : optional \n\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"Immunio.Authentication.PasswordReset(user_name, id, email)\",\n      \"language\": \"csharp\",\n      \"name\": \"PasswordReset API\"\n    }\n  ]\n}\n[/block]\nIndicates to the Immunio Agent the user successfully reset the password.\nAttributes:\n  * User name  : mandatory\n  * id                 : optional\n  * email           : optional \n\n\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"Immunio.Authentication.FailedPasswordReset(user_name, id, email)\",\n      \"language\": \"csharp\",\n      \"name\": \"FailedPasswordReset API\"\n    }\n  ]\n}\n[/block]\nIndicates to the Immunio Agent the user attempted to reset the password, but failed to do so.\nAttributes:\n  * User name  : mandatory\n  * id                 : optional\n  * email           : optional \n[block:api-header]\n{\n  \"title\": \"Authentication API Sample Code\"\n}\n[/block]\nThe code snippet below provides a sample usage of the Authentication API.\nThe code snippet below adds the Authentication API calls in your Controller code as an example here called AuthenticationController.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"using Immunio;\\n\\n\\n// In your controller handling authentication\\npublic class AccountController : Controller\\n{\\n    // ...\\n\\n    // Setup a property to access Immunio's Authentication API\\n    public Immunio.Authentication ImmunioAuthentication => new Authentication(HttpContext);\\n\\n    // This is where your login code is implemented\\n    public IActionResult Login()\\n    {\\n        // ...here would be your code attempting\\n        // ...to log in the user\\n        if (result.Succeeded)\\n        {\\n            ImmunioAuthentication.Login(model.Email);\\n            // ...\\n        }\\n        else\\n        {\\n            ImmunioAuthentication.FailedLogin(model.Email);\\n            // ...\\n        }\\n    }\\n  \\n    public IActionResult LogOff()\\n    {\\n        // ... here would be your code for logging out\\n        // ... the user\\n        ImmunioAuthentication.Logout(userName);\\n        // ...\\n    }\\n\\n    // This is your code for self serve registration\\n    // that ends up creating a user account\\n    public IActionResult Register()\\n    {\\n        // ... here would be your code to create the\\n        // ... the user account\\n        if (result.Succeeded)\\n        {\\n            ImmunioAuthentication.AccountCreated(user.Email);\\n            // ...\\n        }\\n    }\\n\\n    // This is your code for dealing with password\\n    // reset requests.\\n    public IActionResult ForgotPassword()\\n    {\\n        // ... here would be your code for dealing\\n        // ... with the user password reset request\\n        ...\\n        if (succeeded)\\n        {\\n            ImmunioAuthentication.PasswordReset(model.Email);\\n            // ...\\n        }\\n        else\\n        {\\n            ImmunioAuthentication.FailedPasswordReset(model.Email);\\n            // ...\\n        }\\n    }\\n\\n}\",\n      \"language\": \"csharp\",\n      \"name\": \"Authentication API usage example\"\n    }\n  ]\n}\n[/block]","excerpt":"","slug":"net-agent-api","type":"basic","title":".NET Agent API"}
In most cases, the IMMUNIO agent will automatically instrument your app to detect all supported threat types. If your app uses some features or libraries that Immunio does not yet support, you can still get full protection by calling the Immunio API from your app code to provide any missing information. [block:api-header] { "title": "Authentication Related API" } [/block] The Authentication API enables the application to notify the Immunio Agent when a user fails to or succeeds to log in, as well as when the user logs off. These 3 simple API calls enables Immunio to protect the application against bruteforce and other account take over attacks. To use the Authentication API, do the following: * Create a property in your account / authentication code, for accessing the Immunio Authentication API * Call the Login Authentication API when the user successfully logs in * Call the FailedLogin Authentication API when the user fails to log in * Call the Logout Authentication API when the user logs out Immunio also enables to protect against excessive attempts to create accounts or reset password. To use the Authentication API for these functions, do the following: * Call the AccountCreated API when the user successfully created an account * Call the PasswordReset API when the user successfully reset the password * Call the FailedPasswordReset API when the user attempts to reset the password but fails to do so [block:code] { "codes": [ { "code": "Immunio.Authentication.Login(user_name, id, email)", "language": "csharp", "name": "Login API" } ] } [/block] Indicates to the Immunio Agent that the user successfully logged in. Attributes: * User name : mandatory * id : optional * email : optional [block:code] { "codes": [ { "code": "Immunio.Authentication.FailedLogin(user_name, id, email)", "language": "csharp", "name": "FailedLogin API" } ] } [/block] Indicates to the Immunio Agent that the user attempted to log in, but didn't succeed. Attributes: * User name : mandatory * id : optional * email : optional [block:code] { "codes": [ { "code": "Immunio.Authentication.Logout(user_name, id, email)", "language": "csharp", "name": "Logout API" } ] } [/block] Indicates to the Immunio Agent that the user logged out. Attributes: * User name : mandatory * id : optional * email : optional [block:code] { "codes": [ { "code": "Immunio.Authentication.AccountCreated(user_name, id, email)", "language": "csharp", "name": "AccountCreated API" } ] } [/block] Indicates to the Immunio Agent the user successfully created an account. Attributes: * User name : mandatory * id : optional * email : optional [block:code] { "codes": [ { "code": "Immunio.Authentication.PasswordReset(user_name, id, email)", "language": "csharp", "name": "PasswordReset API" } ] } [/block] Indicates to the Immunio Agent the user successfully reset the password. Attributes: * User name : mandatory * id : optional * email : optional [block:code] { "codes": [ { "code": "Immunio.Authentication.FailedPasswordReset(user_name, id, email)", "language": "csharp", "name": "FailedPasswordReset API" } ] } [/block] Indicates to the Immunio Agent the user attempted to reset the password, but failed to do so. Attributes: * User name : mandatory * id : optional * email : optional [block:api-header] { "title": "Authentication API Sample Code" } [/block] The code snippet below provides a sample usage of the Authentication API. The code snippet below adds the Authentication API calls in your Controller code as an example here called AuthenticationController. [block:code] { "codes": [ { "code": "using Immunio;\n\n\n// In your controller handling authentication\npublic class AccountController : Controller\n{\n // ...\n\n // Setup a property to access Immunio's Authentication API\n public Immunio.Authentication ImmunioAuthentication => new Authentication(HttpContext);\n\n // This is where your login code is implemented\n public IActionResult Login()\n {\n // ...here would be your code attempting\n // ...to log in the user\n if (result.Succeeded)\n {\n ImmunioAuthentication.Login(model.Email);\n // ...\n }\n else\n {\n ImmunioAuthentication.FailedLogin(model.Email);\n // ...\n }\n }\n \n public IActionResult LogOff()\n {\n // ... here would be your code for logging out\n // ... the user\n ImmunioAuthentication.Logout(userName);\n // ...\n }\n\n // This is your code for self serve registration\n // that ends up creating a user account\n public IActionResult Register()\n {\n // ... here would be your code to create the\n // ... the user account\n if (result.Succeeded)\n {\n ImmunioAuthentication.AccountCreated(user.Email);\n // ...\n }\n }\n\n // This is your code for dealing with password\n // reset requests.\n public IActionResult ForgotPassword()\n {\n // ... here would be your code for dealing\n // ... with the user password reset request\n ...\n if (succeeded)\n {\n ImmunioAuthentication.PasswordReset(model.Email);\n // ...\n }\n else\n {\n ImmunioAuthentication.FailedPasswordReset(model.Email);\n // ...\n }\n }\n\n}", "language": "csharp", "name": "Authentication API usage example" } ] } [/block]