Request one-time password.

Use the POST /Authentication/Password/Reset endpoint for requesting a one-time password (OTP) for MFA. After a successful initial authentication using username and password, the client sends a request to this endpoint, which triggers the server to create a time-limited OTP and deliver it through a pre-configured method (e.g., SMS, email). You must then provide the received OTP as part of the authentication process to verify your identity. This additional security layer helps protect your account against unauthorized access, even if your primary credentials are compromised.

SecurityApiKeyAuth

Request

header Parameters

required

string

Initialization Vector for database encryption.

Request Body schema:
application/UNENCRYPTED—DO_NOT_SEND+json

object

username	string (Username) An string containing the user's login credential, which is either the user's primary `emailAddress` or primary `phoneNumber`.
deviceId	string (DeviceId) The unique identifier for the device.

otpReference

string

Responses

200

400

Bad Request

401

Unauthorized access

403

Access forbidden

404

Resource was not found

409

Conflict.

429

Too Many Requests

post/authentication/otp/request

Request samples

{"userCredentials": {"username": "joeblow@acme.com",
"deviceId": "A-10000"
},
"otpReference": "string"
}

Response samples

{"otpResponse": {"otpStatus": "Active"
},
"cryptoKeys": {"deviceEncryptionKey": "7625e224dc0f0ec91ad28c1ee67b1eb96d1a5459533c5c950f44aae1e32f2da3",
"transactionEncryptionKey": "aafeeba6959ebeeb96519d5dcf0bcc069f81e4bb56c246d04872db92666e6d4b"
}
}