adamant-processor-34239
03/15/2023, 8:08 AM
/self-service/login?flow={{id}}
) has Header Accept: application/json. On the response of this request I cannot see that the user has activated aal2; only identity is null.
How can I find out that the user has activated aal2 without running a second request, e.g. /sessions/whoami?
{
  "session": {
    "id": "3f2a3955-3e37-43ca-97a4-edd44ad52fa5",
    "active": true,
    "expires_at": "2023-03-16T07:34:16.452916981Z",
    "authenticated_at": "2023-03-15T07:34:16.452916981Z",
    "authenticator_assurance_level": "aal1",
    "authentication_methods": [
      {
        "method": "password",
        "aal": "aal1",
        "completed_at": "2023-03-15T07:34:16.452913581Z"
      }
    ],
    "issued_at": "2023-03-15T07:34:16.452916981Z",
    "identity": null,
    "devices": [
      {
        "id": "7deccb96-b9e4-4e75-9042-bac7d208ac29",
        "ip_address": "5.146.248.204",
        "user_agent": "PostmanRuntime/7.31.1",
        "location": ""
      }
    ]
  }
}
Here is the response of /sessions/whoami, which tells me “id”: “session_aal2_required”:
{
  "error": {
    "id": "session_aal2_required",
    "code": 403,
    "status": "Forbidden",
    "reason": "An active session was found but it does not fulfill the requested Authenticator Assurance Level. Please verify yourself with a second factor to resolve this issue.",
    "details": {
      "redirect_browser_to": "https://auth-hansetag.westeurope.cloudapp.azure.com/self-service/login/browser?aal=aal2"
    },
    "message": "Session does not fulfill the requested Authenticator Assurance Level"
  },
  "redirect_browser_to": "https://auth-hansetag.westeurope.cloudapp.azure.com/self-service/login/browser?aal=aal2"
}