Jump to

• Request
• Response

Complete Factor Verification

patch

/mfa/v1/requests/{requestId}

Request

Supported Media Types

• application/json

Path Parameters

• requestId: string
  Unique identifier of a factor authentication request returned by the server, when the user initiated factor verification

Header Parameters

• Authorization: string
  Provide a valid OAuth Access Token that has either the 'Authenticator Client' or 'MFA Client' scope.

Body ()

Complete Factor Verification Schema

Root Schema : CompleteFactorVerification

Type: object

Use this schema to complete factor verification or to resend OTP

Show Source

• bypassCode(optional): string
  This attribute indicates the pre-generated bypass code that the user wants to use, while authenticating using BYPASSCODE method.
• otpCode(optional): string
  This attribute provides the one time passcode that the user received over SMS, PHONE_CALL, EMAIL or the TOTP that was generated by the Oracle Mobile Authenticator App enrolled in IDCS. This attribute is only applicable for TOTP, SMS, PHONE_CALL and EMAIL methods.
  
• requestState: string
  This contains the context/request related details in encrypted form, which needs to be passed back and forth between server and client. The details are needed by the server to process a request and are opaque to the client.
  
• resendOtp(optional): string
  Attribute to indicate if the user wants the OTP to be resent to the mobile number or email id being used to authenticate. Supported values for this attribute are:
  

  • true
  • false

  This attribute is considered only for EMAIL, PHONE_CALL and SMS factors.
  
• securityQuestions(optional): array securityQuestions
  List of Security Questions being used for verification

{
    "type":"object",
    "description":"Use this schema to complete factor verification or to resend OTP",
    "required":[
        "requestState"
    ],
    "properties":{
        "otpCode":{
            "type":"string",
            "description":"This attribute provides the one time passcode that the user received over SMS, PHONE_CALL, EMAIL or the TOTP that was generated by the Oracle Mobile Authenticator App enrolled in IDCS. This attribute is only applicable for TOTP, SMS, PHONE_CALL and EMAIL methods.<br>"
        },
        "requestState":{
            "type":"string",
            "description":"This contains the context/request related details in encrypted form, which needs to be passed back and forth between server and client. The details are needed by the server to process a request and are opaque to the client.<br>"
        },
        "bypassCode":{
            "type":"string",
            "description":"This attribute indicates the pre-generated bypass code that the user wants to use, while authenticating using BYPASSCODE method."
        },
        "resendOtp":{
            "type":"string",
            "description":"Attribute to indicate if the user wants the OTP to be resent to the mobile number or email id being used to authenticate. Supported values for this attribute are:<br/><ul><li>true</li><li>false</li></ul>This attribute is considered only for EMAIL, PHONE_CALL and SMS factors.<br>"
        },
        "securityQuestions":{
            "type":"array",
            "items":{
                "$ref":"#/definitions/SecQuesVerification"
            },
            "description":"List of Security Questions being used for verification"
        }
    }
}

Nested Schema : securityQuestions

Type: array

List of Security Questions being used for verification

Show Source

• Array of: object SecQuesVerification
  Use this schema to complete Security Questions factor verification

{
    "type":"array",
    "items":{
        "$ref":"#/definitions/SecQuesVerification"
    },
    "description":"List of Security Questions being used for verification"
}

Nested Schema : SecQuesVerification

Type: object

Use this schema to complete Security Questions factor verification

Show Source

• answer: string
  Answer to an enrolled security question that the user wants to use for authentication.
  
• id: string
  The identifier of an enrolled security question that is being used for authentication by a user.
  

{
    "type":"object",
    "description":"Use this schema to complete Security Questions factor verification",
    "required":[
        "id",
        "answer"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"The identifier of an enrolled security question that is being used for authentication by a user.<br>"
        },
        "answer":{
            "type":"string",
            "description":"Answer to an enrolled security question that the user wants to use for authentication.<br>"
        }
    }
}

Back to Top

Response

Supported Media Types

• application/json

200 Response

Indicates successful authentication.

400 Response

Indicates that the request payload is invalid.

401 Response

Indicates unsuccessful authentication if the otpCode/security answer provided was invalid. Indicates unauthorized access if the token provided is invalid or if the user is either locked, inactive, or not enrolled in MFA.

404 Response

Indicates that the requestId provided is invalid.

500 Response

Internal Server error

Back to Top