Devices API
Gestion des appareils enregistres pour le systeme multi-appareils.
Base URL : /api/v2/devices
Endpoints
| Methode | Endpoint | Description | Auth |
|---|---|---|---|
| GET | /devices | Lister les appareils | Oui |
| POST | /devices | Enregistrer un appareil | Oui |
| GET | /devices/current | Appareil courant | Oui |
| GET | /devices/:id | Details d'un appareil | Oui |
| PATCH | /devices/:id | Modifier un appareil | Oui |
| DELETE | /devices/:id | Revoquer un appareil | Oui |
| DELETE | /devices | Revoquer tous les autres appareils | Oui |
| POST | /devices/:id/verify | Verifier un appareil (haute securite) | Oui |
GET /devices
Lister tous les appareils enregistres du compte.
GET /api/v2/devices
Authorization: Bearer <access_token>
Reponse 200 OK
{
"data": [
{
"id": "device-uuid-1",
"name": "iPhone 15 Pro",
"type": "MOBILE_IOS",
"fingerprint": "fp_abc123...",
"trustScore": 85,
"status": "ACTIVE",
"lastActiveAt": "2025-01-15T10:30:00Z",
"lastIp": "192.168.1.100",
"createdAt": "2024-12-01T00:00:00Z",
"isCurrent": true
},
{
"id": "device-uuid-2",
"name": "Living Room TV",
"type": "SMART_TV",
"fingerprint": "fp_def456...",
"trustScore": 90,
"status": "ACTIVE",
"lastActiveAt": "2025-01-14T20:00:00Z",
"lastIp": "192.168.1.50",
"createdAt": "2024-11-15T00:00:00Z",
"isCurrent": false
}
],
"meta": {
"total": 2,
"maxDevices": 5,
"remainingSlots": 3
}
}
POST /devices
Enregistrer un nouvel appareil.
POST /api/v2/devices
Authorization: Bearer <access_token>
Content-Type: application/json
{
"name": "My iPad",
"type": "TABLET_IOS",
"fingerprint": "device-fingerprint-from-sdk",
"metadata": {
"os": "iOS 17.2",
"appVersion": "2.1.0",
"model": "iPad Pro 12.9"
}
}
Reponse 201 Created
{
"id": "new-device-uuid",
"name": "My iPad",
"type": "TABLET_IOS",
"fingerprint": "device-fingerprint-from-sdk",
"trustScore": 50,
"status": "ACTIVE",
"metadata": {
"os": "iOS 17.2",
"appVersion": "2.1.0",
"model": "iPad Pro 12.9"
},
"createdAt": "2025-01-15T10:45:00Z"
}
Erreur 409 Conflict (limite atteinte)
{
"statusCode": 409,
"message": "Maximum device limit reached (5)",
"error": "DEVICE_LIMIT_EXCEEDED",
"currentDevices": 5,
"maxDevices": 5
}
DELETE /devices/:id
Revoquer un appareil et terminer toutes ses sessions.
DELETE /api/v2/devices/:id
Authorization: Bearer <access_token>
Reponse 200 OK
{
"message": "Device revoked successfully",
"revokedSessions": 2
}
attention
L'appareil courant ne peut pas etre revoque. Utilisez la deconnexion a la place.
DELETE /devices
Revoquer tous les appareils sauf l'appareil courant.
DELETE /api/v2/devices
Authorization: Bearer <access_token>
Reponse 200 OK
{
"message": "All other devices revoked",
"revokedDevices": 3,
"revokedSessions": 5
}
Types d'appareils
| Type | Description |
|---|---|
MOBILE_IOS | iPhone |
MOBILE_ANDROID | Telephone Android |
TABLET_IOS | iPad |
TABLET_ANDROID | Tablette Android |
WEB_BROWSER | Navigateur web |
SMART_TV | Smart TV |
STREAMING_DEVICE | Roku, Fire TV, Apple TV |
GAME_CONSOLE | PlayStation, Xbox |
UNKNOWN | Appareil non identifie |
Statuts d'appareil
| Statut | Description |
|---|---|
ACTIVE | Appareil de confiance et actif |
REVOKED | Appareil revoque |
SUSPICIOUS | Signale par le systeme de risque |
Trust Score
Le trust score va de 0 a 100 et est calcule selon :
| Facteur | Impact |
|---|---|
| Anciennete de l'appareil | +1/jour (max +30) |
| Connexions reussies | +5/connexion (max +20) |
| Connexions echouees | -10/echec |
| Activite suspecte | -20 a -50 |
| Coherence de localisation | +10 si coherent |
Actions selon le trust score
| Score | Action |
|---|---|
| 80-100 | Confiance -- Acces complet |
| 50-79 | Normal -- Acces standard |
| 20-49 | Prudence -- Verification possible |
| 0-19 | Non fiable -- Peut etre bloque |
Limites par plan d'abonnement
| Plan | Max appareils |
|---|---|
| Free | 2 |
| Basic | 3 |
| Premium | 5 |
| Ultimate | 10 |
Detection d'appareils suspects
Un appareil est signale comme suspect lorsque :
- Connexion depuis une nouvelle zone geographique
- Changements rapides d'appareil
- Multiples tentatives de connexion echouees
- Adresse IP de VPN/proxy connue
- Deplacement impossible detecte
Device Fingerprinting
Mobile (iOS/Android)
const fingerprint = {
vendorId: getVendorId(),
advertisingId: getAdId(),
model: getDeviceModel(),
osVersion: getOsVersion(),
appVersion: getAppVersion(),
};
Web Browser
import FingerprintJS from '@fingerprintjs/fingerprintjs';
const fp = await FingerprintJS.load();
const result = await fp.get();
const fingerprint = result.visitorId;
Codes d'erreur
| Code | HTTP | Description |
|---|---|---|
DEVICE_001 | 404 | Appareil introuvable |
DEVICE_002 | 409 | Limite d'appareils depassee |
DEVICE_003 | 403 | Impossible de revoquer l'appareil courant |
DEVICE_004 | 403 | Appareil marque comme suspect |
DEVICE_005 | 400 | Empreinte invalide |