Get Mobile App Notification Verification Status
/mfa/v1/requests/{requestId}
Request
-
requestId: string
Unique identifier of a factor authentication request returned by the server, when the user initiated factor verification
-
Authorization: string
Provide a valid OAuth Access Token that has either the 'Authenticator Client' or 'MFA Client' scope.
Response
200 Response
401 Response
404 Response
Examples
The following example shows how to poll for the status of a PUSH notification by submitting a GET request on the REST resource using cURL. For more information about cURL, see Use cURL.
Since PUSH notifications must be accepted or rejected by the user on the Oracle Mobile Authenticator (OMA) app, we provide a "polling" API for the client to use if the user has acted on this notification.
Factor verification is a 2-step process. You first need to ask Oracle Identity Cloud Service to "initiate" the verification of the factor (for example, send an SMS with a time-based one-time passcode (TOTP), send an email with a TOTP code, or send a PUSH notification to the enrolled Oracle Mobile Authenticator (OMA) app). Use the POST method for this endpoint to initiate the verification. After initiating, the client needs to "verify" the factor by passing the otpCode,
security answer, or accepting a PUSH notification on the OMA app. Use the PATCH method for this endpoint to verify factors.
Note:
There is an Oracle Identity Cloud Service Factor Verification Postman collection available. Download the collection and the example environment with variables from the idcs-factor-verification-api folder within GitHub and import them into a REST client.Note:
The command in this example uses the URL structurehttps://tenant-base-url/resource-path,
where
tenant-base-url
represents the Identity Service URL, and the resource path represents the Identity Service API. See
Send Requests for the appropriate URL structure to use.
curl
-X GET
-H "Content-Type:application/scim+json"
-H "Authorization: Bearer <Access Token Value>"
https://tenant-base-url/mfa/v1/requests/<requestId>
Example of Response Body for a Pending Status
The following pending example shows the contents of the response body in JSON format when getting the status of a PUSH notification:
{
"status": "pending",
"cause": [
{
"code": "AUTH-1108",
"message": "Push Notification approval is pending."
}
]
}
Example of a Response Body for a Success Status
The following success example shows the contents of the response body in JSON format when getting the status of a PUSH notification:
{
"status": "success"
}
Example of a Response Body for a Rejected Status
The following rejected example shows the contents of the response body in JSON format when getting the status of a PUSH notification:
{
"status": "failed",
"cause": [
{
"message": "Rejected",
"code": "AUTH-1108"
}
]
}