Request one time password
/accounts/request_one_time_password
Target audience: Developers
Request one time password¶
Release version: 4.7.6.1
Introduction¶
This endpoint is used to create an one time password (OTP) for an existing account as an alternative to log in. One time password will henceforth be abbreviated as OTP. The event account_requested_one_time_password will be triggered on success. By default a Payway e-mail will be sent with the one time password and the login url.
URI¶
| Environment | URI |
|---|---|
| Stage | https://payway-api.stage.adeprimo.se/external/api/v1/accounts/request_one_time_password |
| Production | https://backend.worldoftulo.com/external/api/v1/accounts/request_one_time_password |
Requirements and limitations¶
- OTP Configuration enabled in PAP.
- Only available with SSO2.
| Identity | Scope |
|---|---|
| No | /external/account/w |
Parameters¶
| Field | Required | Type | Description |
|---|---|---|---|
| account_id or email | Yes | String | The id of the account for which to create the OTP. Size range: ..24 Allowed values: "/^[a-f\d]{24}$/i" OR The e-mail address of the account for which to create the OTP. Size range: ..1024 Allowed values: "/\A[\w+-.]+@[a-z\d-]+(.[a-z]+)*.[a-z]+\z/i" |
| otp_login_url | No | String | Override the PAP OTP configuration, with the url to your OTP login page. Default url will be set to the PCP OTP login page if not provided in the OTP configuration. Allowed values: Absolute uri. For example: https://www.yourloginurl.com |
| otp_ttl | No | String | Override the PAP OTP configuration, with the time in seconds for the OTP to be valid. Default value set from OTP configuration. Allowed value: "/^[0-9]{3,5}$/" Minimum value: 600 (10 minutes) Maximum value: 10800 (3 hours) |
| otp_numeric | No | Boolean | Override the PAP OTP configuration, set to true if the OTP should only include numbers, set to false if the OTP should include both numbers and letters. Default value set from OTP configuration. Allowed values: true/false |
Curl Example¶
curl --request POST \
--url https://payway-api.stage.adeprimo.se/external/api/v1/accounts/request_one_time_password \
--header 'accept: application/json' \
--header 'authorization: Bearer token' \
--header 'content-type: application/json' \
--data '{
"email": "test@example.com",
"otp_login_url": "https://www.yoururl.com/login",
"otp_ttl": "3600",
"otp_numeric": true
}'
Response¶
| Field | Description |
|---|---|
| id | The account_id for which the OTP was created. |
Example Response¶
HTTP 201 Created
{
"id": "56e1741a6fc9365306000001"
}
Errors¶
Example error response¶
HTTP 400 Bad Request
{
"code": "invalid_parameter",
"field": "contact_email",
"message": "Parameter must match format (?i-mx:\\\\A[\\\\w+\\\\-.]+@[a-z\\\\d\\\\-]+(\\\\.[a-z]+)*\\\\.[a-z]+\\\\z)"
}
HTTP 400 Bad Request¶
| Name | Type | Description |
|---|---|---|
| invalid_parameter | Object | Validation error on any of the fields in the posted json |
| json_parser_error | Object | The request body could not be parsed as valid json |
| invalid_content_type_error | Object | The requests Content-Type header isn't set to application/json |
| unknown_parameter | Object | One or more of the fields in the posted json was not recognized |
HTTP 404 Not Found¶
| Name | Type | Description |
|---|---|---|
| not_found | Object | The account could not be found |
HTTP 500 Internal Server Error¶
| Name | Type | Description |
|---|---|---|
| internal_server_error | Object | Something unexpected happened server side |