bcs-authentication-management-api-services
home
API INFORMATION
Title: authentication-management-api-service
Version: 1.0.5
Protocols: HTTPS
URI Sandbox: https://authentication-management-api-services-dev.us-e1.cloudhub.io/api/authentication-management/v1
URI QA: https://authentication-management-api-services-qa.us-e1.cloudhub.io/api/authenticationManagement/v1
URILive: https://authentication-management-api-services-prd.us-e1.cloudhub.io/api/authenticationManagement/v1
DOWLOAD RAML
DESCRIPTION
The API will offer consumers to log in to the system, which allows the following operations:
Summary
-Client Authentication
Path:
POST
/authentication-management/v1/user:
Headers
X-Invoker-BranchId: Office code
X-Invoker-TerminalId: Term code
X-Invoker-Component: Component
X-Invoker-UserIPAddress: Client IP Address
X-Invoker-ServerIPAddress: Server IP Address
X-Invoker-UserMACAddress: Client MAC Address
X-Invoker-ServerMACAddress: Server MAC Address
X-Invoker-ProcessDate: Process date
X-Invoker-TxId: Id TX
X-Invoker-SessionKey: Session key
X-Invoker-Source: Origin
X-Invoker-Country: Country
X-Invoker-ProcessBpmId: ID BPM process
X-Invoker-ProcessId: Process ID
X-Invoker-Network: Net
X-Invoker-Channel: Channel with which the transaction must be registered (minLength:3 "007").
X-Invoker-subChannel: Subchannel with which the transaction must be registered.
X-Invoker-User: User
X-Invoker-Action: Action
X-Invoker-Destination: Destination
X-Invoker-ModifierUser: Modification user
X-Invoker-ReferencedNumber: Reference number
X-Invoker-RequestNumber: Request number
X-Invoker-CustId: Client code
Headers Security
X-Security-CustLoginId: Used to identify the user who logs in
X-Security-ClientID: The Mule expression to use for obtaining the client ID from
X-Security-ClientSecret: The Mule expression to use for obtaining the client secret from API requests
X-Security-Token: Used to send a valid OAuth 2 access token
Service's Own Headers
X-Invoker-Ally: Ally that is used to be able to decrypt and re-encrypt the client's password with the bank's keys.
X-Ident-DeviceFingerPrint: Field for the encrypted fingerprint.
X-Ident-TransactionDate: Date and time of the transaction.
Body:
engineRiskInfo: Engine Hazard Information.
govIssueIdent: Identification given by the local government.
personInfo: Customer information.
custId: Client code included in the invoker.
custPswd: Information about a user's password.
> Example when sending govIssueIdent value identSerialNum and govIssueIdentType.
{
"engineRiskInfo":{
"transactionId":"100001"
},
"govIssueIdent": {
"identSerialNum": "41728985",
"govIssueIdentType": "CC"
},
"personInfo":{
"nameAddrType":"N"
},
"custPswd":{
"pswd":"63d695215279188ce710fe16e5b11f93"
}
}> Example when sending custId value SPName.
{
"engineRiskInfo":{
"transactionId":"100001"
},
"personInfo":{
"nameAddrType":"N"
},
"custId":{
"SPName":"ALIAS8985"
},
"custPswd":{
"pswd":"63d695215279188ce710fe16e5b11f93"
}
}> Response 200.
{
"govIssueIdent": {
"govIssueIdentType": "CC",
"identSerialNum": "41728985"
},
"personName": {
"fullName": "BLANCA ELVIA RUANO FONSECA",
"lastAuthInfo": {
"lastTrnDt": "2022-08-18T08:36:45"
}
}
}Response information:
responseType: Used to return the response.
govIssueIdent: Identification given by the local government.
personName: Customer information.
> Errors Code.
Additional the error code of APIKit this resource it has some custom errors code or bussines errors and all errors used the follogin structur.
{
"responseType": {
"value": "ER"
},
"responseDetail": {
"errorCode": "1006",
"errorDesc": "Usuario o clave inv谩lidos.",
"errorType": "OUD"
}
}
| HTTP Code | Error Code | Error Type | Description |
|---|---|---|---|
| 400 | 1 | OUD | failed. |
| 400 | 1016 | OUD | User required fields are missing. |
| 400 | 1033 | OUD | The authentic first time policy is invalid. |
| 400 | 1034 | OUD | The policy of checking last entry is invalid. |
| 400 | 1036 | OUD | The failed attempts policy is invalid. |
| 400 | 1037 | OUD | The date handling policy is invalid. |
| 400 | 1038 | OUD | The expiration date of the key is invalid. |
| 400 | 1039 | OUD | The key expiration warning time is invalid. |
| 400 | 1040 | OUD | The key expiration time is invalid. |
| 400 | 1043 | OUD | The key expiration warning time cannot be less than the key expiration time. |
| 401 | 1004 | OUD | This is the first time the user enters, please change the password. |
| 401 | 1005 | OUD | The key is locked. |
| 403 | 1006 | OUD | Invalid username or password. |
| 500 | 500 | OUD | Could not connect to server |
| 500 | 500 | OUD | The connection with the encryption server could not be established |
> Diagram of sequence.
####
- Backbase - Logout v2.
Description:
Service to close user session. Business Service: ADMUSU_CERRSESI
Path:
POST:
/authentication-management/v2/logout:Headers
| Name | Description | Example |
|---|---|---|
| X-Invoker-Channel | Channel of origin of consumption | 007 |
| X-Invoker-ATMId | Amt code | 1102 |
| X-Invoker-BranchId | Office code | 1102 |
| X-Invoker-TerminalId | Term code | |
| X-Invoker-Component | Component | |
| X-Invoker-UserIPAddress | Client IP Address | 10.5.43.214 |
| X-Invoker-ServerIPAddress | Server IP Address | 192.168.169.197 |
| X-Invoker-UserMACAddress | Client MAC Address | 0E-A5-38-F7-C3-09 |
| X-Invoker-ProcessDate | Process date | 2023-05-02 |
| X-Invoker-TxId | Id TX | |
| X-Invoker-SessionKey | Session key | 112w3w*b8a-1cfe9cdd35a1 |
| X-Invoker-Source | Origin | |
| X-Invoker-Country | Country | CO |
| X-Invoker-ProcessBpmId | ID BPM process | |
| X-Invoker-ProcessId | Process ID | PRI2210323310590452 |
| X-Invoker-Network | Net | 0032 |
| X-Invoker-subChannel | Subchannel with which the transaction must be registered. | 01 |
| X-Invoker-User | User | CC10009287 |
| X-Invoker-Action | Action | |
| X-Invoker-Destination | Destination | |
| X-Invoker-ModifierUser | Modification | |
| X-Invoker-ReferencedNumber | Reference number | |
| X-Invoker-RequestNumber | Request number | 12345 |
| X-Invoker-CustId | Used to identify the user who logs in | |
| client_id | Customer identifier | 154-111-1111-222 |
| client_secret | Customer key | 1122222-222-333 |
| Authorization | Barear token | Barear 2312323 |
| Accept | Accept type format | content-type |
Mapping Data:
- Request:
| Field Name | Description | Type |
|---|---|---|
| govIssueIdent.identSerialNum | User ID number. | String |
| govIssueIdent.govIssueIdentType | Customer identification type: [CC, NI, CE, NE]. | String |
| engineRiskInfo.transactionId | Transaction Code. | String |
| engineRiskInfo.logoutDt | Date and time of session closing. | String |
- Response:
| Field Name | Description | Type |
|---|---|---|
| responseDeatil.responseType.value | Result of the transaction ["OK", "ER"] | String |
| responseDeatil.errorCode | Code that is generated to display an error (Mandatory in case of error). | String |
| responseDeatil.errorDesc | Detailed description of the error (Mandatory in case of error). | String |
| responseDeatil.errorType | Type of the error that is generated (Mandatory in case of error). | String |
Examples:
Example of Body Request:
{
"govIssueIdent": {
"identSerialNum": "123456",
"govIssueIdentType": "CC"
},
"engineRiskInfo": {
"transactionId": "100050",
"logoutDt": "2024-04-05T22:14:34"
}
}Example of Body Response:
{
"responseType": {
"value": "OK"
}
}Example of Body Response Error:
{
"responseType": {
"value": "ERR500"
},
"responseDetail": {
"errorCode": 500,
"errorDesc": "OSB Validate action failed validationcerrarSesion_PNN_EXPOSB-382505OSB Validate action failed validationInvalid date value: 2024-08-05 T22:14:342024-08-05 T22:14:34cerrarSesion_PNN_EXPrequest-a052071.N5e3b2442.0.1643896a235.N78fcstg_validarEntradarequest-pipeline",
"errorType": "Internal Server Error"
}
}Error Code Response:
| HTTPCode | ErrorCode | ErrorType | Description |
|---|---|---|---|
| 500 | 500 | EXP | OSB Validate action failed validationcerrarSesion_PNN_EXPOSB-382505OSB Validate action failed validationInvalid date value. |