LinkCy

Authentication

Log with refresh token

Log into the application with a refresh token and get a new access token and a new refresh token.

This operation might require SCA.

Request
header Parameters
Linkcy-SCA-Strategy
string
Default: PUSH_NOTIFICATION

The strategy to use when a SCA is required:

More information:
  • PUSH_NOTIFICATION: will send a notification if the SCA is required.
  • JOIN_CODE: will return a join code if SCA is required.
  • FAIL: will fail if SCA is required.
  • BY_PASS: Sandbox only - will ignore any SCA if used.
ErrorCode
  • 409 Conflict
    • SCA_REQUIRED: The operation requires SCA. Can be returned if you try to use BY_PASS while not allowed. Will be returned if strategy is FAIL.
    • SCA_DEVICE_NOT_SET: The operation requires SCA and strategy allows it, but the user has no sca device set up. You need to enroll one first.
Enum: "PUSH_NOTIFICATION" "JOIN_CODE" "FAIL" "BY_PASS"
Linkcy-SCA-Factor
string
Default: BIOMETRY

The factor type required for the operation :

More information:
  • BIOMETRY: will require fingerprint or face recognition depending on device.
  • PIN: will require the endpoint pin. When using this factor, a pin must have been registered through the SDK first. Sca pin and end user password can differ.
ErrorCode
  • 400 Bad Request
    • SCA_FACTOR_NOT_SET: The user has a sca device set up, but the factor requested is not enrolled yet. You must either enroll it or change the factor.
Enum: "BIOMETRY" "PIN"
Linkcy-SCA-Id
string <uuid>

The id of the completed SCA operation.

ErrorCode
  • 404 Not Found
    • SCA_INTERACTION_NOT_FOUND: The specified id could not be found.
  • 409 Conflict
    • SCA_INTERACTION_NOT_COMPLETED: The SCA interaction is not completed (pending).
    • SCA_INTERACTION_DECLINED: The SCA interaction was declined by user or expired.
    • SCA_INTERACTION_ALREADY_CONSUMED: The SCA interaction has already been used, you need to create a new one.
    • SCA_INTERACTION_DOES_NOT_MATCH: The SCA interaction does not match the one you are trying to make. Body or url is different.
Request Body schema: application/json
required
refreshToken
required
string
Responses
200

OK

202

Waiting SCA

400

Bad Request

401

Unauthorized

403

Forbidden

post/api/partner/refresh
Request samples
application/json
{
  • "refreshToken": "string"
}
Response samples
application/json
{
  • "token": "string",
  • "refreshToken": "string",
  • "endUserId": "120e9d1f-8444-4b91-85e8-5b208615a3e5"
}

Initialize or reset a password

Whether you want to initialize first password or reset a password, you should use this endpoint. Send a secret by sms to the account owner that can be used to change the password of the account.

Request
Request Body schema: application/json
required
Any of:
consumerPhone
required
string^[0-9]{2,17}$

The complete consumer's phone, including country code. Must not contain +.

partnerName
required
string
phone
required
string
Responses
204

No Content

400

Bad Request

401

Unauthorized

403

Forbidden

post/api/partner/passwords/reset
Request samples
application/json
{
  • "consumerPhone": "33123456789",
  • "partnerName": "string",
  • "phone": "string"
}
Response samples
application/json
{
  • "status": 400,
  • "details": [
    ],
  • "error": "linkcy.bad.request",
  • "timestamp": "2019-08-24T14:15:22Z"
}

Change user password

Change a user password.

Request
Request Body schema: application/json
required
Any of:
passwordChangeSecret
required
string
newPassword
required
string [ 6 .. 2147483647 ] characters
Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

post/api/partner/passwords/change
Request samples
application/json
{
  • "passwordChangeSecret": "string",
  • "newPassword": "string"
}
Response samples
application/json
{
  • "token": "string",
  • "refreshToken": "string",
  • "endUserId": "120e9d1f-8444-4b91-85e8-5b208615a3e5"
}

Log into the application

Log into the application with user credentials and get an access token and a refresh token.

This operation might require SCA.

Request
header Parameters
Linkcy-SCA-Strategy
string
Default: PUSH_NOTIFICATION

The strategy to use when a SCA is required:

More information:
  • PUSH_NOTIFICATION: will send a notification if the SCA is required.
  • JOIN_CODE: will return a join code if SCA is required.
  • FAIL: will fail if SCA is required.
  • BY_PASS: Sandbox only - will ignore any SCA if used.
ErrorCode
  • 409 Conflict
    • SCA_REQUIRED: The operation requires SCA. Can be returned if you try to use BY_PASS while not allowed. Will be returned if strategy is FAIL.
    • SCA_DEVICE_NOT_SET: The operation requires SCA and strategy allows it, but the user has no sca device set up. You need to enroll one first.
Enum: "PUSH_NOTIFICATION" "JOIN_CODE" "FAIL" "BY_PASS"
Linkcy-SCA-Factor
string
Default: BIOMETRY

The factor type required for the operation :

More information:
  • BIOMETRY: will require fingerprint or face recognition depending on device.
  • PIN: will require the endpoint pin. When using this factor, a pin must have been registered through the SDK first. Sca pin and end user password can differ.
ErrorCode
  • 400 Bad Request
    • SCA_FACTOR_NOT_SET: The user has a sca device set up, but the factor requested is not enrolled yet. You must either enroll it or change the factor.
Enum: "BIOMETRY" "PIN"
Linkcy-SCA-Id
string <uuid>

The id of the completed SCA operation.

ErrorCode
  • 404 Not Found
    • SCA_INTERACTION_NOT_FOUND: The specified id could not be found.
  • 409 Conflict
    • SCA_INTERACTION_NOT_COMPLETED: The SCA interaction is not completed (pending).
    • SCA_INTERACTION_DECLINED: The SCA interaction was declined by user or expired.
    • SCA_INTERACTION_ALREADY_CONSUMED: The SCA interaction has already been used, you need to create a new one.
    • SCA_INTERACTION_DOES_NOT_MATCH: The SCA interaction does not match the one you are trying to make. Body or url is different.
Request Body schema: application/json
required
Any of:
consumerPhone
required
string^[0-9]{2,17}$

The complete consumer's phone, including country code. Must not contain +.

partnerName
required
string
password
required
string
Responses
200

OK

202

Waiting SCA

400

Bad Request

401

Unauthorized

403

Forbidden

post/api/partner/login
Request samples
application/json
{
  • "consumerPhone": "33123456789",
  • "partnerName": "string",
  • "password": "string"
}
Response samples
application/json
{
  • "token": "string",
  • "refreshToken": "string",
  • "endUserId": "120e9d1f-8444-4b91-85e8-5b208615a3e5"
}
➔ Next to Strong Authentication