Norsh
Home
NTPNCLAPI
Home
NTPNCLAPI
  1. Address
  • Norsh
    • Usage Guide
      • Identity in the Norsh Ecosystem
      • UCP Message Structure (Standard Request Format)
    • API
      • UCP Error Codes
      • Keys Identity
        • Generates a public and private key pair
      • Address
        • Register Address
          POST
        • Get Address
          POST
        • Enable TOTP
          POST
        • Disable TOTP
          POST
        • Enable Secret-Based Authentication
          POST
        • Disable Secret-Based Authentication
          POST
        • Revoke Address
          POST
      • Modules
        • Get Module
        • Create Notary
      • Statements
        • Get Statement
        • Create Notary Statement
      • BigLedger
        • Get BigLedger Statement
      • Tartarus
        • Get Tartarus Statement
      • Envelopes
        • Get Envelope
  • NTP - Norsh Technical Paper
    • NTP-1: Norsh Technical Paper Specification
    • NTP-2: Standards for Encoding, Time and Localization
    • NTP-3: Cryptography and Hash Specification
    • NTP-4: Interchangeable Data Standard
    • NTP-5: Temporal Time-Step Model
    • NTP-6: Modular Prime Fragmentation
    • NTP-7: The End of Mining - PoW
    • NTP-8: The Fallacy of Stake - PoS
    • NTP-9: The Myth of Absolute Non-Censorship
    • NTP-10: Structural Failures of Decentralization
    • NTP-11: Universal Blockchain Protocol (UBP)
    • NTP-12: Sharded Certificate Storage for the Norsh Ecosystem
  • NCL - Norsh Commons License
    • NCL-0: Norsh Commons License
    • NCL-1: Attribution Requirement
    • NCL-2: Restricted Commercialization
    • NCL-4: Commercialization with Agreement or Royalties
    • NCL-8: Educational Use Permission
    • NCL-16: Complementary Use and Integration Permission
    • NCL-32: Pre-Approval for Application Publication
    • NCL-64: Restricted or Authorized Derivatives
    • NCL-128: Contribution Terms
  • Compliance
    • Terms of Use
    • Privacy Policy
    • Norsh Brand and Trademark Usage Guidelines
    • AI Content Notice
    • Credits
    • Partners
    • Legal Templates
      • Policy on Public Disclosure of Legal Templates
      • NDA - Template
      • Service Agreement - Template
  • Resources
    • Norsh Brand Guidelines
    • Academy
      • Exam Program
  • Service Operations
    • Service Level Agreement (SLA)
    • Scheduled Maintenance Notice
    • Incident Reports
  • Schemas
    • Key & Address
      • Key.Generate
      • Address.Register
      • Address.Revoke
      • Address.TOTP.Enable
      • Address.TOTP.Disable
      • Address.Secret.Enable
      • Address.Secret.Disable
    • Modules
      • Module.Notary.Create
      • Module.Meter.Create
    • Ucp Response
    • Ucp PublicKey
    • Ucp Parameters
    • Ucp Header
    • Ucp Ghost
Home
NTPNCLAPI
Home
NTPNCLAPI
  1. Address

Enable Secret-Based Authentication

POST
https://sandbox.norsh.org/{network}/v1/ucp
Last modified:2025-10-30 03:54:51
This API enables secret-based authentication for a cryptographic address in the Norsh ecosystem. Unlike TOTP, this method relies on a static secret defined by the client or application. Once enabled, the secret is required in the ghost.secret field for future protected operations.
Secret-based authentication can coexist with TOTP-based authentication. Protected operations may require either or both, depending on policy.
Batch submission is supported; each message is processed independently.
Request:
This endpoint uses the UCP standard request format. In addition to the standard fields, specify the following fields for this operation:
command: Set to keys.secret.enable.
ghost (object, required):
secret (string, required): The static secret value to enable for authentication.
totp (integer, required if TOTP is already enabled for the address): The current valid TOTP (Time-based One-Time Password) code. Required if the address is configured with two-factor authentication.
Response:
Confirmation that secret-based authentication has been enabled for the specified address.
Notes:
The secret is defined by the client and transmitted only once, during the activation request. It is never returned by the server.
If the address already has TOTP enabled, the current valid TOTP code must also be provided in the ghost.totp field.
The client must include the secret in ghost.secret for all future protected operations.
Protected requests may require both secret and totp, depending on the current configuration.

Request

Path Params

Body Params application/vnd.ucp+json

Examples

Responses

🟢200Success
application/vnd.ucp+json
Body

🟠422Parameter Error
🟢207Multi-Status
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://sandbox.norsh.org//v1/ucp' \
--header 'Content-Type: application/vnd.ucp+json' \
--data-raw '[
    {
        "command": "address.secret.enable",
        "version": 1,
        "parameters": {},
        "publicKey": "MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEoVOBV/Ji7NfdOA8RAqpvqLQ7qnzuUHESOL/6Oosdg4/un0+YU+7QVX5L3sjXbbxYLQeYa4XPI7n5pKKOxNn2Qu7rsvY+CkHXW+lxzGKen9JA4EfnlWteM5KI3JYvH/Pj",
        "signature": "MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEoVOBV/Ji7NfdOA8RAqpvqLQ7qnzuUHESOL/6Oosdg4/un0+YU+7QVX5L3sjXbbxYLQeYa4XPI7n5pKKOxNn2Qu7rsvY+CkHXW+lxzGKen9JA4EfnlWteM5KI3JYvH/Pj",
        "ghost": {
            "secret": "norsh@2025"
        }
    }
]'
Response Response Example
200 - Success
[
    {
        "command": "keys.secret.enabled",
        "version": 1,
        "status": 200,
        "timestamp": "2025-09-22T03:15:52.48Z",
        "success": true,
        "result": "Secret has been enabled for this address.",
        "info": {
            "ledger": "bigledger",
            "statement": "69017c0f7fc2f1cacffed2ffc6ee937bba47d339c38390dc6c1380a85adc0244d83c197a7d603d513660c7f08618cb4b",
            "envelope": "78334f0b0e1c8696e74f30833ae9b024494d84996121ce1745126c7e468079db5fdb46327837ebaba1524a7e67f9d623",
            "duration": 77
        }
    }
]
Modified at 2025-10-30 03:54:51
Previous
Disable TOTP
Next
Disable Secret-Based Authentication
Built with