The /Authentication/OTP/Validate
endpoint allows the user to send their One-Time Password (OTP) for validation. The user must provide the OTP along with any additional required information, such as username or deviceId. The server will verify the provided OTP against the expected value and check for expiration or other constraints. If the OTP is valid, the server will return a success message, allowing the user to proceed with MFA. In case of errors, such as invalid or expired OTP, appropriate error codes and messages will be provided.
Object with items required to reset one-time password.
Login successful
Bad Request
Unauthorized access
Access forbidden
Resource was not found
Conflict.
Too Many Requests
{- "login": {
- "username": "joeblow@acme.com",
- "deviceId": "A-10000",
- "oneTimePassword": "string"
}
}
{- "loginDetails": {
- "isValidClient": true,
- "username": "joeblow@acme.com",
- "deviceId": "A-10000",
- "userRolesByClient": [
- {
- "clientId": "987654",
- "name": "Acme Co",
- "userRoles": [
- "admin"
], - "cryptoKeys": {
- "deviceEncryptionKey": "63ee6fab-2e6d-4f7b-8e4b-c6643e4cf364",
- "transactionEncryptionKey": "b465a1e9-42a1-4c22-a33d-f1faa80ea3b7"
}
}, - {
- "clientId": "324234",
- "name": "Pace Software",
- "userRoles": [
- "agent",
- "merchant"
], - "cryptoKeys": {
- "deviceEncryptionKey": "6777c9a9-2524-405b-b71f-ccbfd7cc2645",
- "transactionEncryptionKey": "243df8d8-b468-4fab-b79c-e6aa8932dc63"
}
}
]
}
}