pam_authenticate(3) -- Linux man page
pam_authenticate - authenticate a user
int pam_authenticate(pam_handle_t *pamh, int flags);
Use this function to authenticate an applicant user. It is linked dynamically to the authentication modules by Linux-PAM. It is the task of these module to perform such an authentication. The specific nature of the authentication is not the concern of the application.
Following successful completion, the name of the authenticated user will be present in the Linux-PAM item PAM_USER. This item may be recovered with a call to pam_get_item(3).
The application developer should note that the modules may request that the user enter their username via the conversation mechanism (see pam_start(3)). Should this be the case, the user-prompt string can be set via the PAM_USER_PROMPT item (see pam_set_item(3)).
RETURN VALUEOn success PAM_SUCCESS is returned. All other returns should be considered authentication failures and will be delayed by an amount specified with prior calls to pam_fail_delay(3). Specific failures that demand special attention are the following:
the application should exit immediately. Of course,
should be called first.
the application has tried too many times to authenticate the
user, authentication should not be attempted again.
ERRORSMay be translated to text with pam_strerror(3).
CONFORMING TODCE-RFC 86.0, October 1995.
Also, see the three Linux-PAM Guides, for System administrators, module developers, and application developers.