Weavr
Powered by Redocly

Step up

Issue a one-time password that can be used to step-up a token

Initiates the step-up token process by sending an SMS with an one-time-password to a device belonging to the logged-in user that was previously enrolled through /authentication_factors/otp/{channel} endpoint.

This process is required for endpoints that require a step-up token to complete the call.

Note that on the Sandbox Environment, text messages are not sent and the one-time-password is always "123456".

SecurityapiKey and authToken
Request
path Parameters
channel
required
string

The unique identifier for the channel.

Value: "SMS"
header Parameters
idempotency-ref
string

A unique call reference generated by the caller that, taking into consideration the payload as well as the operation itself, helps avoid duplicate operations. Idempotency reference uniqueness is maintained for at least 24 hours.

Responses
204

Success - No Content.

400

Bad Request Error - Your request is invalid.

401

Unauthorized - Your credentials or access token are invalid.

403

Forbidden - Access to the requested resource or action is forbidden.

404

Not found - The requested resource couldn't be found.

409

Conflict

413

Content Too Large

422

Unprocessable Entity

429

Too many requests.

500

Internal Server Error - There is a problem with the server. Please try again later.

503

Service Unavailable - We're temporarily offline for maintenance. Please try again later.

default

Error

post/v1/stepup/challenges/otp/{channel}
Response samples
application/json
{
  • "message": "string",
  • "syntaxErrors": {
    }
}

Verify a step-up token using a one-time password

Completes the verification process for a step up token.

Note that on the Sandbox Environment, text messages are not sent and the verificationCode is always "123456".

SecurityapiKey and authToken
Request
path Parameters
channel
required
string

The unique identifier for the channel.

Value: "SMS"
header Parameters
idempotency-ref
string

A unique call reference generated by the caller that, taking into consideration the payload as well as the operation itself, helps avoid duplicate operations. Idempotency reference uniqueness is maintained for at least 24 hours.

Request Body schema: application/json
required
verificationCode
required
string = 6 characters ^[0-9]*$

The code received by the user on the device.

Responses
204

Success - No Content.

400

Bad Request Error - Your request is invalid.

401

Unauthorized - Your credentials or access token are invalid.

403

Forbidden - Access to the requested resource or action is forbidden.

404

Not found - The requested resource couldn't be found.

409

Conflict

413

Content Too Large

422

Unprocessable Entity

429

Too many requests.

500

Internal Server Error - There is a problem with the server. Please try again later.

503

Service Unavailable - We're temporarily offline for maintenance. Please try again later.

default

Error

post/v1/stepup/challenges/otp/{channel}/verify
Request samples
application/json
{
  • "verificationCode": "string"
}
Response samples
application/json
{
  • "message": "string",
  • "syntaxErrors": {
    }
}
➔ Next to Buyers