Api documentation

Api documentation get started

Api documentation

References - AuthorizationAPI 1 Json Yaml

Provides authorization levels for a corporate

GET /v1/authorization/authorization-levels

Parameter Type/Format Description
identifier
Required

Query / String

Corporate ID (for corporate customers) or CIF (for detecting joints)
bankId
Required

Query / String

Bank ID
amount
Optional

Query / Number

Amount to authorize
accountID
Optional

Query / String

AccountID to filter on
transactionType
Optional

Query / String

Transaction Type
authorizationType
Optional

Query / String

currency
Optional

Query / String

Currency code to filter on

Response

200 - search results matching criteria
400 - bad input parameter 
{
  "searchCriteria": {
    "identifier": "CORP001",
    "amount": "15000.22999999999956344254314899444580078125",
    "ccy": "EUR",
    "accountID": "1234567891213123",
    "bankID": "1",
    "transactionType": "PMT",
    "authorizationType": "N/A"
  },
  "Authorizations": {
    "type": "PAYMENT",
    "EnforceHierarchy": false,
    "levels": [
      {
        "level": "1",
        "authorizationCount": "1",
        "currency": "EUR",
        "account": "1234567891213123",
        "users": [
          {
            "name": "JONJ001"
          }
        ]
      }
    ]
  }
}

Evaluates the user for signing and accepts signature if user is allowed and/or valid.

POST /v1/authorization/evaluate-signer

Evaluates the user for signing and accepts signature if user is allowed and/or valid.

Parameter Type/Format Description
command
Required

Body /

Request with details required for checking the signing rules and inserting a signature if user is allowed to sign the payload.

Response

200 - OK 
{  "reason": "string"}

Evaluates the existing signatures from supplied payload and calling context against signing rules defined.

POST /v1/authorization/evaluate-signatures

Evaluates the existing signatures from supplied payload and calling context against signing rules defined.

Parameter Type/Format Description
command
Required

Body /

Request with details required for status of signing resource.

Response

200 - OK 
{
  "reason": "string",
  "signatures": [
    {
      "entity": "string",
      "required": "integer",
      "existing": "integer"
    }
  ]
}

Verify OCRA response

POST /v1/authorization/ocra/verify

Verifies OCRA response to previously generated challenge

Parameter Type/Format Description
cmd
Required

Body /

Request with details to verify OCRA response

Response

204 - No content - OCRA response is valid
440 - Your request was well constructed but OCRA response could not be verified. Consider the following possible problems and look into response for more details: - [bad-response]() - [replayed-response]() - [no-such-challenge]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling)

Generate OCRA challenge

POST /v1/authorization/ocra/challenge

Generates OCRA challenge based on optional data for signature provided by application or random seed

Parameter Type/Format Description
cmd
Required

Body /

Request with details to generate OCRA challenge

Response

200 - OK - OCRA challenge generated
440 - Your request was well constructed but OCRA challenge could not be generated. Consider the following possible problems and look into response for more details: - [no-such-user]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling) 
{
  "challenge-id": "string",
  "challenge-code": "string"
}

Working with one-time passwords

Verify OATH compliant one-time password

POST /v1/authorization/otp/oath/verify

Verifies TOTP or HOTP one-time password entered by user identified with user-id

Parameter Type/Format Description
cmd
Required

Body /

Request with details to verify HOTP or TOTP

Response

204 - No content - OTP is valid
440 - Your request was well constructed but OTP could not be verified. Consider the following possible problems and look into response for more details: - [bad-otp]() - [replayed-otp]() - [no-such-user]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling)

Verify email one-time password

POST /v1/authorization/otp/email/verify

Verifies one-time password entered by user for verification in progress

Parameter Type/Format Description
cmd
Required

Body /

Request with details to verify email OTP

Response

204 - No content - OTP is valid
440 - Your request was well constructed but OTP coul not be verified. Consider the following possible problems and look into response for more details: - [bad-otp]() - [replayed-otp]() - [no-such-verification]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling)

Generate and send email with one-time password

POST /v1/authorization/otp/email/send

Generates one-time password and sends it to receipient specified in user-id or email

Parameter Type/Format Description
cmd
Required

Body /

Command with details to send OTP email

Response

202 - Accepted - Email sent
440 - Your request was well constructed but it could not be processed. Consider the following possible problems and look into response for more details: - [no-such-user]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling) 
{}

Verify SMS one-time password

POST /v1/authorization/otp/sms/verify

Verifies one-time password entered by user for verification in progress

Parameter Type/Format Description
cmd
Required

Body /

Request with details to verify SMS OTP

Response

204 - No content - OTP is valid
440 - Your request was well constructed but OTP was be verified. Consider the following possible problems and look into response for more details: - [bad-otp]() - [replayed-otp]() - [no-such-verification]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling)

Generate and send SMS one-time password

POST /v1/authorization/otp/sms/send

Generates one-time password and sends it to receipient specified in user-id or phone-number

Parameter Type/Format Description
cmd
Required

Body /

Command with details to send SMS OTP

Response

202 - Accepted - SMS sent
440 - Your request was well constructed but it could not be processed. Consider the following possible problems and look into response for more details: - [no-such-user]()
default - Besides specific status codes above, other standard http [status codes](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) can be returned for each request. To learn more see general guidance on [error handling](common-getstarted.html#error-handling) 
{}