Weavr
Powered by Redocly

Additional Factors

Manage additional strong customer authentication factors for your users.

Get user authentication factors

Retrieves the list of authentication factors that can be used to verify the logged-in user.

Securityauth_token and api_key
Responses
200

Success

400

Bad Request Error - Your request is invalid.

401

Unauthorized - Your credentials or access token are invalid.

403

Forbidden - Access to the requested resource or action is forbidden.

404

Not found - The requested resource couldn't be found.

429

Too many requests.

500

Internal Server Error - There is a problem with the server. Please try again later.

503

Service Unavailable - We're temporarily offline for maintenance. Please try again later.

default

Error

get/authentication_factors
Request samples 
Response samples 
application/json
{
  • "factors": [
    ]
}
Enrol a user device for authentication using one-time passwords
This is the first step in enrolling the logged-in user's mobile device, where a one-time password is sent to the device.


Note that on the Sandbox Environment, text messages are not sent and the one-time-password is always "123456".


Securityapi_key and auth_token 
Request 
path Parameters
channel
required
string (SCAOtpChannel) 
The unique identifier for the channel.


 Value: "SMS"  
Responses 
204
Success - No Content.


400
Bad Request Error - Your request is invalid.


401
Unauthorized - Your credentials or access token are invalid.


403
Forbidden - Access to the requested resource or action is forbidden.


404
Not found - The requested resource couldn't be found.


409
Conflict


429
Too many requests.


500
Internal Server Error - There is a problem with the server. Please try again later.


503
Service Unavailable - We're temporarily offline for maintenance. Please try again later.


default
Error


post/authentication_factors/otp/{channel}
Request samples 
Response samples 
application/json
{
  • "message": "string",
  • "syntaxErrors": {
    }
}
Verify enrolment of a user device for authentication using one-time passwords
The second step in enrolling the logged-in user (root or authorised user) to use one-time-passwords to enable verification of transactions.


Note that on the Sandbox Environment, text messages are not sent and the verificationCode is always set to "123456".


Securityapi_key and auth_token 
Request 
path Parameters
channel
required
string (SCAOtpChannel) 
The unique identifier for the channel.


 Value: "SMS"  
Request Body schema: application/json
required
verificationCode
required
string (Nonce)   = 6 characters ^[0-9]*$
The code received by the user on the device.


 
Responses 
204
Success - No Content.


400
Bad Request Error - Your request is invalid.


401
Unauthorized - Your credentials or access token are invalid.


403
Forbidden - Access to the requested resource or action is forbidden.


404
Not found - The requested resource couldn't be found.


409
Conflict


429
Too many requests.


500
Internal Server Error - There is a problem with the server. Please try again later.


503
Service Unavailable - We're temporarily offline for maintenance. Please try again later.


default
Error


post/authentication_factors/otp/{channel}/verify
Request samples 
application/json
{
  • "verificationCode": "string"
}
Response samples 
application/json
{
  • "message": "string",
  • "syntaxErrors": {
    }
}
Enrol a user device for authentication using push notifications
This is the first step in enrolling the logged-in user's mobile device, where a push notification is sent to the device.


Securityapi_key and auth_token 
Request 
path Parameters
channel
required
string (AuthSCAPushChannel) 
    

  • "AUTHY": The push notification is sent on the user's device using Twilio Authy
    • 



 Value: "AUTHY"  
Responses 
200
Success


204
Success - No Content.


400
Bad Request Error - Your request is invalid.


401
Unauthorized - Your credentials or access token are invalid.


403
Forbidden - Access to the requested resource or action is forbidden.


404
Not found - The requested resource couldn't be found.


409
Conflict


429
Too many requests.


500
Internal Server Error - There is a problem with the server. Please try again later.


503
Service Unavailable - We're temporarily offline for maintenance. Please try again later.


default
Error


post/authentication_factors/push/{channel}
Request samples 
Response samples 
application/json
{
  • "linkingCode": "string"
}
Unlink a user device for authentication using push notifications
Unlink a user device for authentication using push notifications


Securityapi_key and auth_token 
Request 
path Parameters
channel
required
string (SCAPushChannel) 
    

  • "AUTHY": The push notification is sent on the user's device using Twilio Authy
    • 

  • "BIOMETRIC": The push notification is sent to the user's device
    • 



 Enum: "AUTHY" "BIOMETRIC"  
Responses 
204
Success - No Content.


400
Bad Request Error - Your request is invalid.


401
Unauthorized - Your credentials or access token are invalid.


403
Forbidden - Access to the requested resource or action is forbidden.


404
Not found - The requested resource couldn't be found.


409
Conflict


429
Too many requests.


500
Internal Server Error - There is a problem with the server. Please try again later.


503
Service Unavailable - We're temporarily offline for maintenance. Please try again later.


default
Error


delete/authentication_factors/push/{channel}
Request samples 
Response samples 
application/json
{
  • "message": "string",
  • "syntaxErrors": {
    }
}
➔ Next to Challenges