Data Adapter RESTful API Reference

PowerAuth Web Flow server and Next Step server communicate with the Data Adapter via a REST API. This chapter defines the REST API implemented by Data Adapter and consumed by the Web Flow Server.

Following topics are covered in this chapter:

You can access the generated REST API documentation in deployed Data Adapter:

http[s]://[host]:[port]/powerauth-data-adapter/swagger-ui.html

Status Codes and Error Handling

PowerAuth compliant Data Adapter uses a unified format for error response body, accompanied with an appropriate HTTP status code. Besides the HTTP error codes that application server may return regardless of server application (such as 404 when resource is not found or 503 when server is down).

All error responses that are produced by the Data Adapter should have following body:

{
    "status": "ERROR",
    "responseObject": {
        "code": "ERROR_CODE",
        "message": "ERROR_MESSAGE_I18N_KEY"
    }
}

Expected error messages are explained in details in individual sections.

Service API

get /push/service/status Service Status

Get a system status response, with basic information about the running application.

The list of expected status codes:

Code Description
200 OK response - system status successfully retrieved
404 Not found - application is not running
500 Server errors - unexpected server error

Response

{
  "status": "OK",
  "responseObject": {
    "applicationName": "powerauth-data-adapter",
    "applicationDisplayName": "PowerAuth Data Adapter",
    "applicationEnvironment": "ENV1",
    "version": "0.22.0",
    "buildTime": "2019-06-21T12:49:22.959+0000",
    "timestamp": "2019-06-21T13:05:49.740+0000"
  }
}
  • applicationName - Application name.
  • applicationDisplayName - Application display name.
  • applicationEnvironment - Application environment.
  • version - Version of Data Adapter.
  • buildTime - Time when the powerauth-data-adapter.war file was built.
  • timestamp - Response timestamp.

User API

post /api/auth/user/lookup User Lookup

Perform a lookup of user account. The specified username is converted into a user ID. The username and user ID values may be identical, however in typical deployments they are different. Client TLS certificate can also be used for user lookup.

The list of expected status codes:

Code Description
200 OK response - user details were successfully retrieved
400 INPUT_INVALID - username has invalid format
400 USER_NOT_FOUND - user account does not exist
400 REMOTE_ERROR - communication with remote system failed
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

{
  "requestObject": {
    "username": "user1234",
    "organizationId": "RETAIL",
    "clientCertificate": "--- [CLIENT_CERTIFICATE] ---",
    "operationContext": {
      "id": "7662c638-9dc9-484c-a119-145b3685e623",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {}
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    }
  }
}

Response

User lookup response - user account exists
{
  "status": "OK",
  "responseObject": {
    "id": "12345678",
    "givenName": "John",
    "familyName": "Doe",
    "organizationId": "RETAIL",
    "accountStatus": "ACTIVE",
	"extras": {}  
  }
}
User lookup response - user account exists, however the account is not active (e.g. blocked)
{
  "status": "OK",
  "responseObject": {
    "id": "12345678",
    "givenName": "John",
    "familyName": "Doe",
    "organizationId": "RETAIL",
    "accountStatus": "NOT_ACTIVE"
  }
}
User lookup response - user account does not exist
{
  "status": "ERROR",
  "responseObject": {
    "code": "USER_NOT_FOUND",
    "message": "login.userNotFound",
    "validationErrors": null,
    "remainingAttempts": null
  }
}

Note that in SCA steps the implementations should hide this error, because the error could reveal which usernames are valid and which are not.

User lookup response - invalid input
{
  "status": "ERROR",
  "responseObject": {
    "code": "INPUT_INVALID",
    "message": "login.username.empty",
    "validationErrors": [
      "login.username.empty.objectRequest.requestObject.username",
      "login.username.empty.requestObject.username",
      "login.username.empty.username",
      "login.username.empty.java.lang.String",
      "login.username.empty"
    ],
    "remainingAttempts": null
  }
}

post /api/auth/user/authenticate User Authentication

Perform an authentication operation with user ID and password. This method is not SCA compliant.

The list of expected status codes:

Code Description
200 OK response - user was successfully authenticated
400 INPUT_INVALID - username and/or password has invalid format, unsupported authentication type
400 REMOTE_ERROR - communication with remote system failed
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "password": "s3cret",
    "authenticationContext": {
      "passwordProtection": "NO_PROTECTION",
      "cipherTransformation": "",
      "smsAuthorizationResult": null
    },
    "operationContext": {
      "id": "447fbd89-6f46-46da-a573-ade4f3409c94",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {}
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    }
  }
}
User password encryption and decryption

The NO_PROTECTION password protection type is used for plain text password in request (sent by default).

The password can be optionally encrypted. In this case the passwordProtection parameter provides information about type of password encryption and the cipherTransformation parameter contains information about used cipher.

It is expected that the remote system which handles password verification decrypts the password and it is not required to decrypt the password in the Data Adapter itself. The following code sample decrypts the encrypted password for PASSWORD_ENCRYPTION_AES authentication type:


// Get encryption key from the configuration and extract cipher transformation
// and encrypted password from the request.
String secretKeyBase64 = configuration.getSecretKey();
String cipherTransformation = request.getCipherTransformation();
String encryptedPassword = request.getPassword();

String originalPassword = decryptPassword(secretKeyBase64, cipherTransformation, encryptedpassword);

// ...

// Decryption method (missing the 'throws' clause).
private String decryptPassword(String secretKeyBase64, String cipherTransformation, String encryptedPassword) {
    // Read secret key from configuration
    byte[] secretKeyBytes = Base64.getDecoder().decode(secretKeyBase64);
    SecretKey secretKey = new SecretKeySpec(secretKeyBytes, "AES");

    // Extract IV and encrypted password and convert them to bytes
    String[] parts = encryptedPassword.split(":");
    if (parts.length != 2) {
        throw new IllegalArgumentException("Invalid request");
    }
    String ivBase64 = parts[0];
    byte[] ivBytes = Base64.getDecoder().decode(ivBase64);
    String encryptedPasswordBase64 = parts[1];
    byte[] encryptedPasswordBytes = Base64.getDecoder().decode(encryptedPasswordBase64);

    // Decrypt password using specified cipher transformation, extracted IV and encrypted password bytes
    Cipher cipher = Cipher.getInstance(cipherTransformation);
    cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(ivBytes));
    byte[] decryptedPasswordBytes = cipher.doFinal(encryptedPasswordBytes);
    return new String(decryptedPasswordBytes, StandardCharsets.UTF_8);
}

// ...

// Verify that decrypted password matches expected password

Response

User authentication response - authentication succeeded
  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "authenticationResult": "SUCCEEDED",
    "errorMessage": null,
    "remainingAttempts": null,
    "showRemainingAttempts": false,
    "accountStatus": "ACTIVE"
  }
}
User authentication response - authentication failed

This message should be sent when the Data Adapter receives a correct message, however the username and password combination is invalid.

  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "authenticationResult": "FAILED",
    "errorMessage": "login.authenticationFailed",
    "remainingAttempts": null,
    "showRemainingAttempts": false,
    "accountStatus": "ACTIVE"
  }
}
User authentication response - input validation errors

This error should be returned when username or password format is invalid - either it contains unsupported characters or it is empty or too long. This error is also used when authentication type is not supported.

The sample response below is returned when password is empty.

  • Status Code: 400
  • Headers:
    • Content-Type: application/json
{
  "status": "ERROR",
  "responseObject": {
    "code": "INPUT_INVALID",
    "message": "login.password.empty",
    "validationErrors": [
      "login.password.empty.objectRequest.requestObject.password",
      "login.password.empty.requestObject.password",
      "login.password.empty.password",
      "login.password.empty.java.lang.String",
      "login.password.empty"
    ],
    "remainingAttempts": null
  }
}

For more information, see classes AuthenticationRequestValidator and DefaultExceptionResolver.

User authentication response - internal error

This error should be used for all unexpected errors.

  • Status Code: 500
  • Headers:
    • Content-Type: application/json
{
  "status": "ERROR",
  "responseObject": {
    "code": "ERROR_GENERIC",
    "message": "Exception occurred at ...",
    "validationErrors": null,
    "remainingAttempts": null
  }
}

post /api/auth/user/info User Information

Fetch user details based on user ID.

The list of expected status codes:

Code Description
200 OK response - user details have been successfully retrieved
400 INPUT_INVALID - request validation errors
400 USER_NOT_FOUND - user account does not exist
400 REMOTE_ERROR - communication with remote system failed
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL"
  }
}

Response

  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "id": "12345678",
    "givenName": "John",
    "familyName": "Doe",
    "organizationId": "RETAIL",
    "accountStatus": "ACTIVE"
  }
}

Authentication Method API

post /api/auth/method/init Initialize an Authentication Method

Initialize an authentication method and set its parameters, e.g. client certificate configuration.

The list of expected status codes:

Code Description
200 OK response - user details have been successfully retrieved
400 INPUT_INVALID - request validation errors
400 OPERATION_CONTEXT_INVALID - invalid operation context
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": null,
    "organizationId": null,
    "authMethod": "LOGIN_SCA",
    "operationContext": {
      "id": "fd598c95-c7a4-4d66-9cf6-0262b8a71693",
      "name": "login_sca",
      "data": "A2",
      "externalTransactionId": null,
      "formData": {
        "title": {
          "id": "login.title",
          "message": "Login"
        },
        "greeting": {
          "id": "login.greeting",
          "message": "Hello,\nplease sign in."
        },
        "summary": {
          "id": "login.summary",
          "message": "Please confirm the login attempt."
        },
        "config": [],
        "banners": [],
        "parameters": [],
        "userInput": {}
      },
      "applicationContext": {
        "id": "democlient",
        "name": "democlient",
        "description": "App with client ID: democlient",
        "originalScopes": [
          "aisp"
        ],
        "extras": {}
      }
    }
  }
}

Response

  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "certificateAuthenticationMode": "NOT_AVAILABLE",
    "certificateVerificationUrl": null
  }
}

Operation API

post /api/operation/formdata/decorate Decorate Form Data

Retrieve form data and decorate it (optional).

The list of expected status codes:

Code Description
200 OK response - form data was successfully decorated
400 INPUT_INVALID - request validation errors
400 USER_NOT_FOUND - user account does not exist
400 REMOTE_ERROR - communication with remote system failed
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "authMethod": "LOGIN_SCA",
	"operationContext": {
      "id": "371526cc-5dee-414e-8418-5ee1c5ef2d67",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    }
  }
}

Response

  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "formData": {
      "title": {
        "id": "operation.title",
        "message": "Confirm Payment"
      },
      "greeting": {
        "id": "operation.greeting",
        "message": "Hello,\nplease confirm following payment:"
      },
      "summary": {
        "id": "operation.summary",
        "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
      },
      "config": [],
      "banners": [],
      "parameters": [
        {
          "type": "AMOUNT",
          "id": "operation.amount",
          "label": "Amount",
          "valueFormatType": "AMOUNT",
          "formattedValues": {
            "amount": "100.00",
            "currency": "CZK"
          },
          "amount": 100,
          "currency": "CZK",
          "currencyId": "operation.currency"
        },
        {
          "type": "KEY_VALUE",
          "id": "operation.account",
          "label": "To Account",
          "valueFormatType": "ACCOUNT",
          "formattedValues": {
            "value": "238400856/0300"
          },
          "value": "238400856/0300"
        },
        {
          "type": "KEY_VALUE",
          "id": "operation.dueDate",
          "label": "Due Date",
          "valueFormatType": "DATE",
          "formattedValues": {
            "value": "Jun 29, 2019"
          },
          "value": "2019-06-29"
        },
        {
          "type": "NOTE",
          "id": "operation.note",
          "label": "Note",
          "valueFormatType": "TEXT",
          "formattedValues": {
            "value": "Utility Bill Payment - 05/2019"
          },
          "note": "Utility Bill Payment - 05/2019"
        },
        {
          "type": "BANK_ACCOUNT_CHOICE",
          "id": "operation.bankAccountChoice",
          "label": null,
          "bankAccounts": [
            {
              "number": "12345678/1234",
              "accountId": "CZ4012340000000012345678",
              "name": "Běžný účet v CZK",
              "balance": 24394.52,
              "currency": "CZK",
              "usableForPayment": false,
              "unusableForPaymentReason": null
            },
            {
              "number": "87654321/4321",
              "accountId": "CZ4043210000000087654321",
              "name": "Spořící účet v CZK",
              "balance": 158121.10,
              "currency": "CZK",
              "usableForPayment": false,
              "unusableForPaymentReason": null
            },
            {
              "number": "44444444/1111",
              "accountId": "CZ4011110000000044444444",
              "name": "Spořící účet v EUR",
              "balance": 1.90,
              "currency": "EUR",
              "usableForPayment": false,
              "unusableForPaymentReason": "Low account balance"
            }
          ],
          "enabled": true,
          "defaultValue": "CZ4012340000000012345678"
        }
      ],
      "userInput": {
      }
    }
  }
}

post /api/operation/formdata/change FormData Change Notification

Notification of Data Adapter about formData change.

The list of expected status codes:

Code Description
200 OK response - notification was successfully received
400 INPUT_INVALID - request validation errors
400 REMOTE_ERROR - communication with remote system failed
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "operationContext": {
      "id": "371526cc-5dee-414e-8418-5ee1c5ef2d67",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "operation.bankAccountChoice": "CZ4012340000000012345678"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"],
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    },
    "formDataChange": {
      "type": "BANK_ACCOUNT_CHOICE",
      "bankAccountId": "CZ4012340000000012345678"
    }
  }
}

Response

  • Headers:
    • Content-Type: application/json
{
  "status": "OK"
}

post /api/operation/change Operation Change Notification

Notification of Data Adapter about operation change.

The list of expected status codes:

Code Description
200 OK response - notification was successfully received
400 INPUT_INVALID - request validation errors
400 REMOTE_ERROR - communication with remote system failed
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

Possible operation changes are: DONE, CANCELED and FAILED.

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "operationContext": {
      "id": "c02c5ea8-d4da-4499-9a27-aa4ded70921b",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "operation.bankAccountChoice": "CZ4012340000000012345678",
          "operation.bankAccountChoice.disabled": "true"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    },
    "operationChange": "DONE"
  }
}

Response

  • Headers:
    • Content-Type: application/json
{
  "status": "OK"
}

post /api/operation/create Create Implicit Login Operation

Create an implicit login operation when accessing Web Flow without a previously created operation.

The list of expected status codes:

Code Description
200 OK response - notification was successfully received
400 INPUT_INVALID - request validation errors
400 OPERATION_CONTEXT_INVALID - invalid operation context
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

Possible operation changes are: DONE, CANCELED and FAILED.

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "clientId": "democlient",
    "scopes": [
      "aisp"
    ]
  }
}

Response

  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "name": "login_sca",
    "formData": {
      "title": {
        "id": "login.title",
        "message": null
      },
      "greeting": {
        "id": "login.greeting",
        "message": null
      },
      "summary": {
        "id": "login.summary",
        "message": null
      },
      "config": [],
      "banners": [],
      "parameters": [],
      "userInput": {}
    },
    "applicationContext": {
      "id": "democlient",
      "name": "democlient",
      "description": "App with client ID: democlient",
      "originalScopes": [
        "aisp"
      ],
      "extras": {}
    }
  }
}

post /api/operation/mapping Operation Mapping

Mapping of complex Next Step operations into individual operations. PowerAuth operation template can be configured using the templateName parameter in response.

The list of expected status codes:

Code Description
200 OK response - notification was successfully received
400 INPUT_INVALID - request validation errors
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

Possible operation changes are: DONE, CANCELED and FAILED.

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "authMethod": "LOGIN_SCA",
    "operationContext": {
      "id": "c02c5ea8-d4da-4499-9a27-aa4ded70921b",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "operation.bankAccountChoice": "CZ4012340000000012345678",
          "operation.bankAccountChoice.disabled": "true"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    }
  }
}

Response

  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "templateName": "login",
    "operationName": "login",
    "operationData": "A2",
    "formData": {
      "title": {
        "id": "login.title",
        "message": null
      },
      "greeting": {
        "id": "login.greeting",
        "message": null
      },
      "summary": {
        "id": "login.summary",
        "message": null
      },
      "config": [],
      "banners": [],
      "parameters": [],
      "userInput": {}
    }
  }
}

Authentication API

post /api/auth/sms/create Generate and Send SMS Authorization Code

Generate an OTP authorization code, store it in the database and send a SMS message to the user.

The list of expected status codes:

Code Description
200 OK response - SMS message has been successfully created
400 INPUT_INVALID - request validation errors
400 OPERATION_CONTEXT_INVALID - invalid operation context
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "accountStatus": "ACTIVE",
	"authMethod": "LOGIN_SCA",
    "operationContext": {
      "id": "371526cc-5dee-414e-8418-5ee1c5ef2d67",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "operation.bankAccountChoice": "CZ4012340000000012345678",
          "operation.bankAccountChoice.disabled": "true"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    },
    "lang": "en",
    "resend": false
  }
}

Response

Generate and send SMS authorization code response - SMS has been successfully created and sent
  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "messageId": "d056ec42-2349-43a1-9af4-cc502d924f76",
    "smsDeliveryResult": "SUCCEEDED",
    "errorMessage": null
  }
}
Generate and send SMS authorization code response - SMS could not be sent
  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "messageId": "d056ec42-2349-43a1-9af4-cc502d924f76",
    "smsDeliveryResult": "FAILED",
    "errorMessage": null
  }
}

post /api/auth/sms/send Send SMS Authorization Code

Send an SMS message with previously generated OTP authorization code to the user.

The list of expected status codes:

Code Description
200 OK response - SMS message has been successfully created
400 INPUT_INVALID - request validation errors
400 OPERATION_CONTEXT_INVALID - invalid operation context
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "accountStatus": "ACTIVE",
    "operationContext": {
      "id": "371526cc-5dee-414e-8418-5ee1c5ef2d67",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "operation.bankAccountChoice": "CZ4012340000000012345678",
          "operation.bankAccountChoice.disabled": "true"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    },
  "messageId": "e82318ea-d8c6-11eb-b8bc-0242ac130003",
  "authorizationCode": "54741284",
  "lang": "en",
  "resend": false
  }
}

Response

Send SMS authorization code response - SMS has been successfully sent
  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "messageId": "e82318ea-d8c6-11eb-b8bc-0242ac130003",
    "smsDeliveryResult": "SUCCEEDED",
    "errorMessage": null
  }
}
Send SMS authorization code response - SMS could not be sent
  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "messageId": "d056ec42-2349-43a1-9af4-cc502d924f76",
    "smsDeliveryResult": "FAILED",
    "errorMessage": null
  }
}

post /api/auth/sms/verify Verify Authorization SMS Code

Verify an authorization OTP code from an SMS message.

The list of expected status codes:

Code Description
200 OK response - SMS authorization code has been successfully verified
400 INPUT_INVALID - request validation errors
400 OPERATION_CONTEXT_INVALID - invalid operation context
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "accountStatus": "ACTIVE",
    "messageId": "617178ab-f315-4223-a602-9d4893b4f99f",
    "authorizationCode": "77038183",
    "operationContext": {
      "id": "371526cc-5dee-414e-8418-5ee1c5ef2d67",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "operation.bankAccountChoice": "CZ4012340000000012345678",
          "operation.bankAccountChoice.disabled": "true"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    }
  }
}

Response

Verify authorization SMS code response - SMS authorization code has been successfully verified
  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "smsAuthorizationResult": "SUCCEEDED",
    "errorMessage": null,
    "remainingAttempts": null,
    "showRemainingAttempts": false
  }
}
Verify authorization SMS code response - SMS authorization code verification failed
{
  "status": "OK",
  "responseObject": {
    "smsAuthorizationResult": "FAILED",
    "errorMessage": "smsAuthorization.failed",
    "remainingAttempts": 4,
    "showRemainingAttempts": false
  }
}

post /api/auth/sms/password/verify Verify Authorization SMS Code and Password

Verify an authorization OTP code from a SMS message together with user password.

The list of expected status codes:

Code Description
200 OK response - SMS authorization code has been successfully verified
400 INPUT_INVALID - request validation errors
400 OPERATION_CONTEXT_INVALID - invalid operation context
500 Server errors - provide error details in the message, this is only for unexpected errors

The password can be optionally encrypted. In this case the passwordProtection parameter provides information about type of encryption and the cipherTransformation parameter contains information about used cipher.

See chapter User Password Encryption and Decryption for additional details.

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "accountStatus": "ACTIVE",
    "password": "s3cret",
    "authenticationContext": {
      "passwordProtection": "NO_PROTECTION",
      "cipherTransformation": "",
      "smsAuthorizationResult": null
    },
    "messageId": "617178ab-f315-4223-a602-9d4893b4f99f",
    "authorizationCode": "77038183",
    "operationContext": {
      "id": "371526cc-5dee-414e-8418-5ee1c5ef2d67",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "operation.bankAccountChoice": "CZ4012340000000012345678",
          "operation.bankAccountChoice.disabled": "true"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    }
  }
}

Response

Verify authorization SMS code and password response - SMS authorization code and password have been successfully verified
  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "smsAuthorizationResult": "SUCCEEDED",
    "userAuthenticationResult": "SUCCEEDED",
    "errorMessage": null,
    "remainingAttempts": null,
    "showRemainingAttempts": false
  }
}
Verify authorization SMS code and password response - SMS authorization code and/or password verification failed
  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "smsAuthorizationResult": "FAILED",
    "userAuthenticationResult": "FAILED",
    "errorMessage": "login.authenticationFailed",
    "remainingAttempts": null,
    "showRemainingAttempts": false
  }
}

post /api/auth/certificate/verify Verify a Client TLS Certificate

Verify a client TLS certificate for user authentication.

The list of expected status codes:

Code Description
200 OK response - SMS authorization code has been successfully verified
400 INPUT_INVALID - request validation errors
400 OPERATION_CONTEXT_INVALID - invalid operation context
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
  "clientCertificate": "--- [CLIENT_TLS_CERTIFICATE] ---",
  "authMethod": "LOGIN_SCA",
    "userId": "12345678",
    "organizationId": "RETAIL",
    "accountStatus": "ACTIVE",
    "operationContext": {
      "id": "371526cc-5dee-414e-8418-5ee1c5ef2d67",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "operation.bankAccountChoice": "CZ4012340000000012345678",
          "operation.bankAccountChoice.disabled": "true"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    }
  }
}

Response

Verify a client TLS certificate response - client TLS certificate has been verified, verification result is sent in response
  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "certificateVerificationResult": "SUCCEEDED",
    "errorMessage": null,
    "remainingAttempts": null,
    "showRemainingAttempts": false, 
  "accountStatus": "ACTIVE"
  }
}

In case the client TLS certificate verification fails, the parameter certificateVerificationResult value is set to FAILED.

post /api/auth/consent/init Initialize OAuth 2.1 Consent Form

Initialize the OAuth 2.1 consent form and get information whether consent form should be displayed.

The list of expected status codes:

Code Description
200 OK response - consent form has been successfully initalized
400 INPUT_INVALID - request validation errors
400 OPERATION_CONTEXT_INVALID - invalid operation context
400 REMOTE_ERROR - communication with remote system failed
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "operationContext": {
      "id": "7d92fce2-c1f2-4d5b-b522-61da0749fdf7",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "operation.bankAccountChoice": "CZ4012340000000012345678",
          "operation.bankAccountChoice.disabled": "true"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    }
  }
}

Response

  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "shouldDisplayConsentForm": true
  }
}

post /api/auth/consent/create Create OAuth 2.1 Consent Form

Create the OAuth 2.1 consent form and obtain form options.

The list of expected status codes:

Code Description
200 OK response - consent form has been successfully created
400 INPUT_INVALID - request validation errors
400 OPERATION_CONTEXT_INVALID - invalid operation context
400 REMOTE_ERROR - communication with remote system failed
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "operationContext": {
      "id": "7d92fce2-c1f2-4d5b-b522-61da0749fdf7",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "operation.bankAccountChoice": "CZ4012340000000012345678",
          "operation.bankAccountChoice.disabled": "true"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    },
    "lang": "en"
  }
}

Response

  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "consentHtml": "I consent that I have initiated this payment request and give consent to complete the operation.",
    "options": [
      {
        "id": "CONSENT_INIT",
        "descriptionHtml": "I consent that I have initiated this payment operation.",
        "required": true,
        "defaultValue": "NOT_CHECKED",
        "value": null
      },
      {
        "id": "CONSENT_PAYMENT",
        "descriptionHtml": "I give consent to complete this payment operation.",
        "required": true,
        "defaultValue": "NOT_CHECKED",
        "value": null
      }
    ]
  }
}

post /api/auth/consent/validate Validate OAuth 2.1 Consent Form

Validate submitted options in the OAuth 2.1 consent form.

The list of expected status codes:

Code Description
200 OK response - consent form has been successfully validated (however it may contain validation errors)
400 INPUT_INVALID - request validation errors
400 OPERATION_CONTEXT_INVALID - invalid operation context
400 CONSENT_DATA_INVALID - invalid consent data
400 REMOTE_ERROR - communication with remote system failed
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "operationContext": {
      "id": "7d92fce2-c1f2-4d5b-b522-61da0749fdf7",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "operation.bankAccountChoice": "CZ4012340000000012345678",
          "operation.bankAccountChoice.disabled": "true"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    },
    "lang": "en",
    "options": [
      {
        "id": "CONSENT_INIT",
        "descriptionHtml": "I consent that I have initiated this payment operation.",
        "required": true,
        "defaultValue": "NOT_CHECKED",
        "value": null
      },
      {
        "id": "CONSENT_PAYMENT",
        "descriptionHtml": "I give consent to complete this payment operation.",
        "required": true,
        "defaultValue": "NOT_CHECKED",
        "value": null
      }
    ]
  }
}

Response

  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "consentValidationPassed": true,
    "validationErrorMessage": null,
    "optionValidationResults": []
  }
}
  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "consentValidationPassed": false,
    "validationErrorMessage": "Please fill in the whole consent form.",
    "optionValidationResults": [
      {
        "id": "CONSENT_INIT",
        "validationPassed": false,
        "errorMessage": "Confirm this option to complete the operation."
      },
      {
        "id": "CONSENT_PAYMENT",
        "validationPassed": false,
        "errorMessage": "Confirm this option to complete the operation."
      }
    ]
  }
}

post /api/auth/consent/save Save OAuth 2.1 Consent Form

Save the OAuth 2.1 consent form options.

The list of expected status codes:

Code Description
200 OK response - consent form has been successfully saved
400 INPUT_INVALID - request validation errors
400 OPERATION_CONTEXT_INVALID - invalid operation context
400 CONSENT_DATA_INVALID - invalid consent data
400 REMOTE_ERROR - communication with remote system failed
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "operationContext": {
      "id": "4a04667b-8a1a-46af-813c-cf71ffcde478",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "operation.bankAccountChoice": "CZ4012340000000012345678",
          "operation.bankAccountChoice.disabled": "true"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": ["pisp"], 
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    },
    "options": [
      {
        "id": "CONSENT_INIT",
        "descriptionHtml": "I consent that I have initiated this payment operation.",
        "required": true,
        "defaultValue": "NOT_CHECKED",
        "value": "CHECKED"
      },
      {
        "id": "CONSENT_PAYMENT",
        "descriptionHtml": "I give consent to complete this payment operation.",
        "required": true,
        "defaultValue": "NOT_CHECKED",
        "value": "CHECKED"
      }
    ]
  }
}

Response

  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "saveSucceeded": true
  }
}
  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "saveSucceeded": false
  }
}

AFS API

post /api/afs/action/execute Execute an AFS Action

Execute an AFS action using the remote anti-fraud system.

The list of expected status codes:

Code Description
200 OK response - AFS action was successfully executed
400 OPERATION_CONTEXT_INVALID - invalid operation context
400 REMOTE_ERROR - communication with remote system failed
500 Server errors - provide error details in the message, this is only for unexpected errors

Request

  • Headers:
    • Content-Type: application/json
{
  "requestObject": {
    "userId": "12345678",
    "organizationId": "RETAIL",
    "operationContext": {
      "id": "47a74437-83f9-4567-8c9e-270bea98d9de",
      "name": "authorize_payment",
      "data": "A1*A100CZK*Q238400856/0300**D20190629*NUtility Bill Payment - 05/2019",
      "formData": {
        "title": {
          "id": "operation.title",
          "message": "Confirm Payment"
        },
        "greeting": {
          "id": "operation.greeting",
          "message": "Hello,\nplease confirm following payment:"
        },
        "summary": {
          "id": "operation.summary",
          "message": "Hello, please confirm payment 100 CZK to account 238400856/0300."
        },
        "config": [],
        "banners": [],
        "parameters": [
          {
            "type": "AMOUNT",
            "id": "operation.amount",
            "label": "Amount",
            "valueFormatType": "AMOUNT",
            "formattedValues": {
              "amount": "100.00",
              "currency": "CZK"
            },
            "amount": 100,
            "currency": "CZK",
            "currencyId": "operation.currency"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.account",
            "label": "To Account",
            "valueFormatType": "ACCOUNT",
            "formattedValues": {
              "value": "238400856/0300"
            },
            "value": "238400856/0300"
          },
          {
            "type": "KEY_VALUE",
            "id": "operation.dueDate",
            "label": "Due Date",
            "valueFormatType": "DATE",
            "formattedValues": {
              "value": "Jun 29, 2019"
            },
            "value": "2019-06-29"
          },
          {
            "type": "NOTE",
            "id": "operation.note",
            "label": "Note",
            "valueFormatType": "TEXT",
            "formattedValues": {
              "value": "Utility Bill Payment - 05/2019"
            },
            "note": "Utility Bill Payment - 05/2019"
          }
        ],
        "userInput": {
          "smsFallback.enabled": "true",
          "operation.bankAccountChoice": "CZ4012340000000012345678",
          "operation.bankAccountChoice.disabled": "true"
        }
      },
      "applicationContext": {
        "id": "democlient",
        "name": "Demo application",
        "description": "Web Flow demo application",
        "originalScopes": [
          "pisp"
        ],
        "extras": {
          "applicationOwner": "Wultra"
        }
      }
    },
    "afsRequestParameters": {
      "afsType": "THREAT_MARK",
      "afsAction": "APPROVAL_INIT",
      "clientIpAddress": "",
      "stepIndex": 1,
      "username": null,
      "authInstruments": [],
      "authStepResult": null,
      "operationTerminationReason": null
    },
    "extras": {
      "cookie1": "123xyz",
      "cookie2": "abc67890"
    }
  }
}

Response

  • Headers:
    • Content-Type: application/json
{
  "status": "OK",
  "responseObject": {
    "afsResponseApplied": true,
    "afsLabel": "1FA",
    "authStepOptions": {
      "smsOtpRequired": true,
      "passwordRequired": false
    },
    "extras": {}
  }
}
Last updated on Oct 11, 2023 (14:22) Edit on Github Send Feedback
Search

1.8.x

PowerAuth Web Flow