cs-security-experience-api-services
📘 API Documentation - Experience Security API Service
This section describes the attributes and usage of the Experience Security API Service.
💂️ Base Information
- API Title: Experience Security API Service
- Version: v2
- Base URL:
https://security-experience-api-{env}.us-e1.cloudhub.io/api/Replace{env}with:dev(Development)qa(Quality Assurance)prod(Production)
🔑 Authentication
Required Headers
| Header | Type | Description |
|---|---|---|
| Authorization | String | Bearer token in the format Bearer {{API_KEY}} |
| client_id | String | Unique identifier for API clients |
- Authorization
- Length: 36 - 37 characters
- Example:
Bearer abcdefghijklmnopqrstuvwxyz1234567890
- client_id
- Length: 32 - 36 characters
- Example:
123e4567-e89b-12d3-a456-426614174000
📌 These headers are required in all requests.
✨ Endpoint: Validate Identity
POST /customer/v1/identity/validate
- Description: Validates a person's identification data.
Request Body
{
"idUsuarioEntidad": "string (Base64, optional)",
"paramProducto": "string (required)",
"producto": "string (required, e.g., '010')",
"canal": "string (required, e.g., 'Fijo 001')",
"datosValidacion": {
"identificacion": {
"Numero": "string (required)",
"Tipo": "string (required, e.g., '1' or '4')"
},
"primerApellido": "string (max 16, required)",
"nombres": "string (max 40, required)",
"fechaExpedicion/timestamp": "string (timestamp, required)"
}
}Response Body
Returns an object RespValidacion with detailed validation results.
🔒 Endpoint: Initialize OTP
POST /security/v1/OTP/initialize
- Description: Initiates an OTP transaction for identity verification.
Request Body
{
"idUsuarioEntidad": "string (optional)",
"iniciarTransaccionOTPSolicitud": {
"codParametrizacion": "string (required)",
"Identificacion": {
"numero": "string (required)",
"tipo": "string (required)"
},
"datosCuestionario": {
"regValidacion": "string (required)",
"procesoEvidente": "string (required)"
}
}
}Response Body
Returns an object IniciarTransaccionOTPRespuesta with transaction details.
🔐 Endpoint: Validate OTP Code
POST /security/v1/OTP/validate
- Description: Validates the OTP code for an active transaction.
Request Body
{
"idUsuarioEntidad": "string (optional)",
"verificarCodigoOTPSolicitud": {
"idTransaccionOTP": "UUID (required)",
"codigoOTP": "string (6 digits or '000000') (required)"
}
}Response Body
{
"resultadoVerificacionOTP": true,
"mensaje": "string (optional)"
}📝 Other Endpoints
| Endpoint | Description |
|---|---|
| POST /security/v1/survey/generate | Generates a security questionnaire. |
| POST /security/v1/survey/validate | Validates the completed survey. |
| POST /security/v1/portal/generate_token | Generates a portal token for PQRs. |
| POST /security/v1/portal/validate_token | Validates a portal token for PQRs. |
| POST /security/v1/check_bls | Checks applicant against blocking lists. |
📎 Refer to associated example files for detailed schema:
-v1/examples/request/
-v1/examples/response/
📊 Common Parameters
| Parameter | Type | Description | Required |
|---|---|---|---|
client_id | String | API client identifier | ✅ |
Authorization | String | Bearer token for authentication | ✅ |
🔐 Security Schemes
Client ID Enforcement
| Field | Type | Required | Length | Regex |
|---|---|---|---|---|
client_id | String | Yes | 32 - 36 | [a-zA-Z0-9] |
client_secret | String | Yes | 32 - 64 | [a-zA-Z0-9] |
OAuth 2.0
| Field | Type | Required | Length | Regex |
|---|---|---|---|---|
Authorization | String | Yes | 36 - 37 | [a-zA-Z0-9-_.] |
⚠️ Error Codes
| Code | Description | Suggested Solution |
|---|---|---|
| 400 | Bad Request | Check request syntax and parameters. |
| 401 | Unauthorized | Validate authentication credentials. |
| 404 | Not Found | Confirm the endpoint URL. |
| 500 | Internal Server Error | Retry or contact technical support. |
📞 Support
For assistance, contact the Integration Services and Applications Coordination team.
Email: epalma@fg
Last updated: April 2025