GET /auth/devices/challenge/:device_verifying_key
Issues a short-lived random challenge and caches it against the device_verifying_key. Used to prove possession of the device's secret key before registration.
Used in flow: Before device registration or device key update
Authentication: JWT (Access Token)
Path Parameters
| Parameter | Type | Description |
|---|---|---|
device_verifying_key | string | Hex-encoded uncompressed public key of the device (04 || X || Y) |
Response
200 OK
{
"challenge": "<hex encoded 32-byte random value>",
"ttl_seconds": 300
}