Backup Archives
A new backup archive is created whenever a user successfully completes a “forgotten password” procedure. Its purpose is to keep a copy of the user's secret backup (see the account-related endpoints) as it was when the password reset happened, since resetting a user's password overwrites her backup with a new, empty one.
After a backup archive has been created, the user can attempt to decrypt it (by remembering the password that was lost, or providing the corresponding backup key).
The user can ask the backend to delete a backup archive, typically if she fears the corresponding password or backup key might have been exposed.
The frontend will also request the deletion of an archive after it has been successfully recovered.
Listing Backup Archives
Request
Cookies:
accesstoken (opaque token) (ACR >= 2): the identity must be linked to an account
tokentype: must be bearer
Headers:
X-CSRF-Token: a token to prevent CSRF attacks.
Only the backup archives related to the querier's account will be returned.
Response
Getting the Data of a Backup Archive
Request
Cookies:
accesstoken (opaque token) (ACR >= 2): the identity must be linked to an account and the archive must belong to this account
tokentype: must be bearer
Headers:
X-CSRF-Token: a token to prevent CSRF attacks.
Response (Success)
Response (Archive Deleted)
Deleting a Backup Archive (After Recovery or on User Request)
Request
Cookies:
accesstoken (opaque token) (ACR >= 2): the identity must be linked to an account and the archive must belong to this account
tokentype: must be bearer
Headers:
X-CSRF-Token: a token to prevent CSRF attacks.

reason: must be either "recovery" (if you are deleting the archive because it was successfully recovered) or "deletion" (if the user requested deletion of the archive).
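
The checks listed for the deletion request, combined into one server-side authorization decision. This is an added example, not the backend's own code: the Session and Archive types, the function name, the order of the checks and the returned messages are all hypothetical.

```python
import hmac
from dataclasses import dataclass
from typing import Optional

ALLOWED_REASONS = {"recovery", "deletion"}  # the two values the page allows


@dataclass
class Session:
    """Hypothetical result of introspecting the accesstoken cookie."""
    acr: int
    account_id: Optional[str]  # None when the identity has no linked account
    csrf_token: str            # value the backend expects in X-CSRF-Token


@dataclass
class Archive:
    """Hypothetical stored backup archive record."""
    id: str
    account_id: str


def authorize_archive_deletion(session, tokentype, csrf_header, archive, reason):
    """Return (allowed, why) for a delete request; the check order is an assumption."""
    if session is None or tokentype != "bearer":
        return False, "invalid credentials"
    # Constant-time comparison; an absent header never matches.
    if not csrf_header or not hmac.compare_digest(
        session.csrf_token.encode(), csrf_header.encode()
    ):
        return False, "csrf token mismatch"
    if session.acr < 2:
        return False, "acr too low"
    if session.account_id is None:
        return False, "identity not linked to an account"
    # Design choice of this example: an unknown archive and another account's
    # archive get the same answer, so archive ids cannot be probed.
    if archive is None or archive.account_id != session.account_id:
        return False, "archive not found"
    if reason not in ALLOWED_REASONS:
        return False, "invalid reason"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    s = Session(acr=2, account_id="acct-1", csrf_token="constructed-csrf")
    a = Archive(id="arch-1", account_id="acct-1")
    print(authorize_archive_deletion(s, "bearer", "constructed-csrf", a, "recovery"))
```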