Authentication

Log with refresh token

Log into the application with a refresh token and get a new access token and a new refresh token.

This operation might require SCA.

SecurityNone
Request
header Parameters
Linkcy-SCA-Strategy
string
Default: PUSH_NOTIFICATION

The strategy to use when a SCA is required:

More information:
  • PUSH_NOTIFICATION: will send a notification if the SCA is required.
  • DATA_SIGNING: Linkcy-SCA-Signature header must contain signature provided by PowerAuth Mobile SDK on registered device.
  • BY_PASS: Sandbox only - will ignore any SCA if used.
Enum: "PUSH_NOTIFICATION" "DATA_SIGNING" "BY_PASS"
Linkcy-SCA-Signature
string

The signature that needs to be validated, it is generated from data signing.

More information:
  • Signature will be verified against wultra.
  • Operation will be denied if signature is not valide.
  • Avoid creating multiple signature at same time for the same registration.
  • Signature TTL is 30 sec.
Request Body schema: application/json
required
refreshToken
required
string
Responses
200

OK

202

Waiting SCA

400

Bad Request

401

Unauthorized

403

Forbidden

409

Conflict

post/api/partner/refresh
Request samples
application/json
{
  • "refreshToken": "string"
}
Response samples
application/json
{
  • "token": "string",
  • "refreshToken": "string",
  • "endUserId": "120e9d1f-8444-4b91-85e8-5b208615a3e5"
}

Initialize or reset a password

Whether you want to initialize first password or reset a password, you should use this endpoint. Send a secret by sms to the account owner that can be used to change the password of the account.

SecurityNone
Request
Request Body schema: application/json
required
Any of:
consumerPhone
required
string^[0-9]{2,17}$

The complete consumer's phone, including country code. Must not contain +.

partnerName
required
string
Responses
204

No Content

400

Bad Request

401

Unauthorized

403

Forbidden

409

Conflict

post/api/partner/passwords/reset
Request samples
application/json
{
  • "consumerPhone": "33123456789",
  • "partnerName": "string"
}
Response samples
application/json
{
  • "status": 400,
  • "details": [
    ],
  • "error": "linkcy.bad.request",
  • "timestamp": "2019-08-24T14:15:22Z"
}

Change user password

Change a user password.

SecurityNone
Request
Request Body schema: application/json
required
Any of:
passwordChangeSecret
required
string
newPassword
required
string [ 6 .. 2147483647 ] characters
Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

409

Conflict

post/api/partner/passwords/change
Request samples
application/json
{
  • "passwordChangeSecret": "string",
  • "newPassword": "string"
}
Response samples
application/json
{
  • "token": "string",
  • "refreshToken": "string",
  • "endUserId": "120e9d1f-8444-4b91-85e8-5b208615a3e5"
}

Log into the application

Log into the application with user credentials and get an access token and a refresh token.

This operation might require SCA.

SecurityNone
Request
header Parameters
Linkcy-SCA-Strategy
string
Default: PUSH_NOTIFICATION

The strategy to use when a SCA is required:

More information:
  • PUSH_NOTIFICATION: will send a notification if the SCA is required.
  • DATA_SIGNING: Linkcy-SCA-Signature header must contain signature provided by PowerAuth Mobile SDK on registered device.
  • BY_PASS: Sandbox only - will ignore any SCA if used.
Enum: "PUSH_NOTIFICATION" "DATA_SIGNING" "BY_PASS"
Linkcy-SCA-Signature
string

The signature that needs to be validated, it is generated from data signing.

More information:
  • Signature will be verified against wultra.
  • Operation will be denied if signature is not valide.
  • Avoid creating multiple signature at same time for the same registration.
  • Signature TTL is 30 sec.
Request Body schema: application/json
required
Any of:
consumerPhone
required
string^[0-9]{2,17}$

The complete consumer's phone, including country code. Must not contain +.

partnerName
required
string
password
required
string
Responses
200

OK

202

Waiting SCA

400

Bad Request

401

Unauthorized

403

Forbidden

409

Conflict

post/api/partner/login
Request samples
application/json
{
  • "consumerPhone": "33123456789",
  • "partnerName": "string",
  • "password": "string"
}
Response samples
application/json
{
  • "token": "string",
  • "refreshToken": "string",
  • "endUserId": "120e9d1f-8444-4b91-85e8-5b208615a3e5"
}