Api documentation
Api documentation get started
Api documentation
References - AuthorizationAPI 1 Json Yaml
Provides authorization levels for a corporate
GET /v1/authorization/authorization-levels
Parameter | Type/Format | Description |
---|---|---|
identifier
|
Query / String |
Corporate ID (for corporate customers) or CIF (for detecting joints) |
bankId
|
Query / String |
Bank ID |
amount
|
Query / Number |
Amount to authorize |
accountID
|
Query / String |
AccountID to filter on |
transactionType
|
Query / String |
Transaction Type |
authorizationType
|
Query / String |
|
currency
|
Query / String |
Currency code to filter on |
Response
200 - search results matching criteria
400 - bad input parameter
{
"searchCriteria": {
"identifier": "CORP001",
"amount": "15000.22999999999956344254314899444580078125",
"ccy": "EUR",
"accountID": "1234567891213123",
"bankID": "1",
"transactionType": "PMT",
"authorizationType": "N/A"
},
"Authorizations": {
"type": "PAYMENT",
"EnforceHierarchy": false,
"levels": [
{
"level": "1",
"authorizationCount": "1",
"currency": "EUR",
"account": "1234567891213123",
"users": [
{
"name": "JONJ001"
}
]
}
]
}
}
Evaluates the user for signing and accepts signature if user is allowed and/or valid.
POST /v1/authorization/evaluate-signer
Evaluates the user for signing and accepts signature if user is allowed and/or valid.
Parameter | Type/Format | Description |
---|---|---|
command
|
Body / |
Request with details required for checking the signing rules and inserting a signature if user is allowed to sign the payload. |
Response
200 - OK
{ "reason": "string"}
Evaluates the existing signatures from supplied payload and calling context against signing rules defined.
POST /v1/authorization/evaluate-signatures
Evaluates the existing signatures from supplied payload and calling context against signing rules defined.
Parameter | Type/Format | Description |
---|---|---|
command
|
Body / |
Request with details required for status of signing resource. |
Response
200 - OK
{
"reason": "string",
"signatures": [
{
"entity": "string",
"required": "integer",
"existing": "integer"
}
]
}
Verify OCRA response
POST /v1/authorization/ocra/verify
Verifies OCRA response to previously generated challenge
Parameter | Type/Format | Description |
---|---|---|
cmd
|
Body / |
Request with details to verify OCRA response |
Response
204 - No content - OCRA response is valid
440 - Your request was well constructed but OCRA response could not be verified. Consider the following possible problems and look into response for more details: - [bad-response]() - [replayed-response]() - [no-such-challenge]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling)
Generate OCRA challenge
POST /v1/authorization/ocra/challenge
Generates OCRA challenge based on optional data for signature provided by application or random seed
Parameter | Type/Format | Description |
---|---|---|
cmd
|
Body / |
Request with details to generate OCRA challenge |
Response
200 - OK - OCRA challenge generated
440 - Your request was well constructed but OCRA challenge could not be generated. Consider the following possible problems and look into response for more details: - [no-such-user]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling)
{
"challenge-id": "string",
"challenge-code": "string"
}
Working with one-time passwords
Verify OATH compliant one-time password
POST /v1/authorization/otp/oath/verify
Verifies TOTP or HOTP one-time password entered by user identified with user-id
Parameter | Type/Format | Description |
---|---|---|
cmd
|
Body / |
Request with details to verify HOTP or TOTP |
Response
204 - No content - OTP is valid
440 - Your request was well constructed but OTP could not be verified. Consider the following possible problems and look into response for more details: - [bad-otp]() - [replayed-otp]() - [no-such-user]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling)
Verify email one-time password
POST /v1/authorization/otp/email/verify
Verifies one-time password entered by user for verification in progress
Parameter | Type/Format | Description |
---|---|---|
cmd
|
Body / |
Request with details to verify email OTP |
Response
204 - No content - OTP is valid
440 - Your request was well constructed but OTP coul not be verified. Consider the following possible problems and look into response for more details: - [bad-otp]() - [replayed-otp]() - [no-such-verification]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling)
Generate and send email with one-time password
POST /v1/authorization/otp/email/send
Generates one-time password and sends it to receipient specified in user-id
or email
Parameter | Type/Format | Description |
---|---|---|
cmd
|
Body / |
Command with details to send OTP email |
Response
202 - Accepted - Email sent
440 - Your request was well constructed but it could not be processed. Consider the following possible problems and look into response for more details: - [no-such-user]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling)
{}
Verify SMS one-time password
POST /v1/authorization/otp/sms/verify
Verifies one-time password entered by user for verification in progress
Parameter | Type/Format | Description |
---|---|---|
cmd
|
Body / |
Request with details to verify SMS OTP |
Response
204 - No content - OTP is valid
440 - Your request was well constructed but OTP was be verified. Consider the following possible problems and look into response for more details: - [bad-otp]() - [replayed-otp]() - [no-such-verification]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling)
Generate and send SMS one-time password
POST /v1/authorization/otp/sms/send
Generates one-time password and sends it to receipient specified in user-id
or phone-number
Parameter | Type/Format | Description |
---|---|---|
cmd
|
Body / |
Command with details to send SMS OTP |
Response
202 - Accepted - SMS sent
440 - Your request was well constructed but it could not be processed. Consider the following possible problems and look into response for more details: - [no-such-user]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling)
{}