1. REST API for Oracle Identity Cloud Service
  2. Tasks
  3. On-Demand MFA
  4. Factor Verification

Get Mobile App Notification Verification Status

get

/mfa/v1/requests/{requestId}

Request

Path Parameters
  • Unique identifier of a factor authentication request returned by the server, when the user initiated factor verification
Header Parameters
  • Provide a valid OAuth Access Token that has either the 'Authenticator Client' or 'MFA Client' scope.
Back to Top

Response

200 Response

Indicates that the user has approved the PUSH notification request.

401 Response

Indicates that the user has rejected the PUSH notification request. Indicates unauthorized access if the token provided is invalid or if the user is either locked, inactive, or not enrolled in MFA.

404 Response

Indicates that the requestId provided is invalid.
Back to Top

Examples

The following example shows how to poll for the status of a PUSH notification by submitting a GET request on the REST resource using cURL. For more information about cURL, see Use cURL.

Since PUSH notifications must be accepted or rejected by the user on the Oracle Mobile Authenticator (OMA) app, we provide a "polling" API for the client to use if the user has acted on this notification.

Factor verification is a 2-step process. You first need to ask Oracle Identity Cloud Service to "initiate" the verification of the factor (for example, send an SMS with a time-based one-time passcode (TOTP), send an email with a TOTP code, or send a PUSH notification to the enrolled Oracle Mobile Authenticator (OMA) app). Use the POST method for this endpoint to initiate the verification. After initiating, the client needs to "verify" the factor by passing the otpCode, security answer, or accepting a PUSH notification on the OMA app. Use the PATCH method for this endpoint to verify factors.

Note:

There is an Oracle Identity Cloud Service Factor Verification Postman collection available. Download the collection and the example environment with variables from the idcs-factor-verification-api folder within GitHub and import them into a REST client.

Note:

The command in this example uses the URL structure https://tenant-base-url/resource-path, where tenant-base-url represents the Identity Service URL, and the resource path represents the Identity Service API. See Send Requests for the appropriate URL structure to use. 
curl
-X GET
-H "Content-Type:application/scim+json"
-H "Authorization: Bearer <Access Token Value>"
https://tenant-base-url/mfa/v1/requests/<requestId>

Example of Response Body for a Pending Status

The following pending example shows the contents of the response body in JSON format when getting the status of a PUSH notification:

{
    "status": "pending",
    "cause": [
        {
            "code": "AUTH-1108",
            "message": "Push Notification approval is pending."
        }
    ]
}

Example of a Response Body for a Success Status

The following success example shows the contents of the response body in JSON format when getting the status of a PUSH notification:

{
    "status": "success"
}

Example of a Response Body for a Rejected Status

The following rejected example shows the contents of the response body in JSON format when getting the status of a PUSH notification:

{
    "status": "failed",
    "cause": [
        {
            "message": "Rejected",
            "code": "AUTH-1108"
        }
    ]
}
Back to Top