Second Factor API documentation version v2
https://account.secondfactor.io/api/{version}
- version: required (v2)
EToken cosigner protocol
Service that provides common signatures for Ethereum on-chain verification in Cosigner Smart Contract.
EToken protocol
Service that utilizes Recovery contract to perform deprecated EToken recovery procedure through trust().
Omni protocol
Java application for Wallet3 security scheme, installed on SecondFactor side.
/customer
Create a customer for the project. If a client uses ambisafe etoken contract firstly verified customer then creating the customer in ethereum recovery contract. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
post /customer/create/
Create a customer for the project. If a client uses ambisafe etoken contract firstly verified customer then creating the customer in ethereum recovery contract. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- address: required (string)
Customer's wallet address in ethereum etoken contract.
- phone: required (string)
A phone number with country and city codes (numbers only, with plus sign, no brackets or other characters - e.g +6282144726437).
- email: required (string)
Valid customer's email address.
- first_name: (string)
Customer's first name.
- last_name: (string)
Customer's last name.
- via: required (string)
Default RecoveryType for customer
- vTenant: required (string)
v binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- rTenant: required (string)
hex from r binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- sTenant: required (string)
hex from s binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- nonceTenant: required (string)
unique nonce for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- language: required (one of da-DK, de-DE, en-GB, es-ES, fi-FI, fr-FR, it-IT, ja-JP, ko-KR, nb-NO, nl-NL, pl-PL, pt-PT, ru-RU, sv-SE, zh-CN)
Customer's language
- user_id: required (string)
External id of customer.
Example:
{
"address": "0x06c7607fea331D13C17a31E067Ee12A1231a2e8b",
"phone": "+66617524450",
"email": "customer_email@test.com",
"via": "sms",
"rTenant": "37373067327934684150003069652436424164709637804483900946094207067076073299906",
"sTenant": "33588208770429537150211323532503275307743948959119560275894539333333012548613",
"vTenant": "28L",
"nonceTenant": "072f0f7f-89af-434b-90f2-244d4aeba46e",
"language": "ru-RU",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 201
Copy of provided data
Body
Media type: application/json
Type: any
Example:
{
"address": "0x06c7607fea331D13C17a31E067Ee12A1231a2e8b",
"phone": "+66617524450",
"email": "customer_email@test.com",
"via": "sms",
"rTenant": "37373067327934684150003069652436424164709637804483900946094207067076073299906",
"sTenant": "33588208770429537150211323532503275307743948959119560275894539333333012548613",
"vTenant": "28L",
"nonceTenant": "072f0f7f-89af-434b-90f2-244d4aeba46e",
"language": "ru-RU",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer already exist and verified",
"error": "The endpoint is valid only for projects using etoken protocol",
"error": "Verify via email not allowed",
"error": "Customer not found",
"error": "SF Create customer error: {'__all__': [ValidationError(['Customer with
userEthAddress=0x5df8bc495c9cd3f22a62713a772c6aea42fdc3dc already exists.'])]}",
"error": "{'phone': ['Brazil: Enter a valid phone number']}"
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": "Auth headers not set",
"error": "API-%s not set in headers.",
"error": "Invalid API-NONCE in headers",
"error": "Invalid credentials."
}
HTTP status code 402
Payment error.
Body
Media type: application/json
Type: any
Example:
{
"error": "Your organization balance less than 1$. Recharge error:
Request req_LCQUpZwjzmJ55M: Your card was declined.",
"error": "Recharge error has occurred. If you've refilled your credit
card please or set up a new one, activate payments by credit
card on https://account.secondfactor.io/account/billing/",
"error": "Please, set card details https://account.secondfactor.io/account/billing/"
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
"error": "Invalid ip address",
"error": "Invalid nonce"
}
The endpoint returns information about all project's customers. The response includes lists the customers and display all details about each customer.
get /customer/list/
The endpoint returns information about all project's customers. The response includes lists the customers and display all details about each customer.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
HTTP status code 200
Body
Media type: application/json
Type: array of object
Items: Customer
- id: required (integer)
Unique identifier
- created: required (string)
Date and time customer was created
- updated: required (string)
Date and time customer was last time updated
- external_id: required (string)
External id of customer. Present as user_id in requests
- hash: required (string - default: 24350ce72d541f93733002f427896a90)
Unique customer hash
- locked: required (boolean - default: false)
By default is False
- first_name: required (string)
First name of the customer
- last_name: required (string)
Last name of the customer
- email: required (string)
Email address of the customer. MUST be in the format of an email address
- phone: required (string)
Phone number of the customer
- project_id: required (integer)
Project id which the customer belongs
- via_id: required (integer)
Default RecoveryType for customer
- is_verified: required (boolean - default: false)
By default is False. True if customer verified your phone number and was created in blockchain contract
- language_id: required (integer)
Customer's language
Example:
[
{
"email": "test@test.com",
"language_id": 24,
"created": "2016-06-04T06:07:58.014Z",
"via_id": 1,
"first_name": "Marina",
"phone": "+380665077150",
"external_id": "357159",
"project_id": 1,
"updated": "2016-06-04T06:07:58.014Z",
"is_verified": false,
"id": 2,
"locked": false,
"last_name": "Secondname",
"hash": "6a8c7fa5ae199f94f6ef0c944ad21de2"
},
{
"email": "test@test.com",
"language_id": 9,
"created": "2016-06-04T06:07:58.014Z",
"via_id": 1,
"first_name": "Test_name",
"phone": "+380666039388",
"external_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"project_id": 1,
"updated": "2016-06-04T06:07:58.014Z",
"is_verified": true,
"id": 1,
"locked": false,
"last_name": "Test Second_name",
"hash": "b6f8249c64018946a9c8ec38622e8fc2"
}
]
Get customer by user id. The response is a list with one element that displays all details about customer.
post /customer/id/
Get customer by user id. The response is a list with one element that displays all details about customer.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
HTTP status code 200
Body
Media type: application/json
Type: array of object
Items: Customer
- id: required (integer)
Unique identifier
- created: required (string)
Date and time customer was created
- updated: required (string)
Date and time customer was last time updated
- external_id: required (string)
External id of customer. Present as user_id in requests
- hash: required (string - default: 24350ce72d541f93733002f427896a90)
Unique customer hash
- locked: required (boolean - default: false)
By default is False
- first_name: required (string)
First name of the customer
- last_name: required (string)
Last name of the customer
- email: required (string)
Email address of the customer. MUST be in the format of an email address
- phone: required (string)
Phone number of the customer
- project_id: required (integer)
Project id which the customer belongs
- via_id: required (integer)
Default RecoveryType for customer
- is_verified: required (boolean - default: false)
By default is False. True if customer verified your phone number and was created in blockchain contract
- language_id: required (integer)
Customer's language
Example:
[
{
"email": "test@test.com",
"language_id": 24,
"created": "2016-06-04T06:07:58.014Z",
"via_id": 1,
"first_name": "Marina",
"phone": "+380665077150",
"external_id": "357159",
"project_id": 1,
"updated": "2016-06-04T06:07:58.014Z",
"is_verified": false,
"id": 2,
"locked": false,
"last_name": "Secondname",
"hash": "6a8c7fa5ae199f94f6ef0c944ad21de2"
}
]
Update customer's phone number for the project. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
post /customer/update_phone_number/
Update customer's phone number for the project. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- new_phone: required (string)
A phone number with country and city codes (numbers only, with plus sign, no brackets or other characters - e.g +6282144726437).
- via: required (string)
Default RecoveryType for customer
- user_id: required (string)
External id of customer.
Example:
{
"new_phone": "+66617524450",
"via": "sms",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 200
Copy of provided data
Body
Media type: application/json
Type: any
Example:
{
"new_phone": "+66617524450",
"via": "sms",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
"makenoise_id": "544bc5a3-664c-47aa-8129-1baeaf389ff7"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
The endpoint receives code which was sent to customer, customer id and request(makenoise) id to update customer phone number. To verify the code is valid and to match the customer phone number. If code is valid the response returns result "ok".
post /customer/confirm_update_phone_number/
The endpoint receives code which was sent to customer, customer id and request(makenoise) id to update customer phone number. To verify the code is valid and to match the customer phone number. If code is valid the response returns result "ok".
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- code: required (string)
verification code was sent to customer.
- user_id: required (string)
External id of customer.
- makenoise_id: required (string)
unique request id.
Example:
{
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"code": "05856",
"makenoise_id": "544bc5a3-664c-47aa-8129-1baeaf389ff7"
}
HTTP status code 200
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
Update customer's email for the project. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
post /customer/update_email/
Update customer's email for the project. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- new_email: required (string)
An email address.
- via: required (string)
Default RecoveryType for customer
- user_id: required (string)
External id of customer.
Example:
{
"new_email": "test_new@gmail.com",
"via": "sms",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 200
Copy of provided data
Body
Media type: application/json
Type: any
Example:
{
"new_email": "test_new@gmail.com",
"via": "sms",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
"makenoise_id": "34e42008-777a-4700-935e-f13070b84cd7"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
The endpoint receives code which was sent to customer, customer id and request(makenoise) id to update customer email. To verify the code is valid and to match the customer email. If code is valid the response returns result "ok".
post /customer/confirm_update_email/
The endpoint receives code which was sent to customer, customer id and request(makenoise) id to update customer email. To verify the code is valid and to match the customer email. If code is valid the response returns result "ok".
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- code: required (string)
verification code was sent to customer.
- user_id: required (string)
External id of customer.
- makenoise_id: required (string)
unique request id.
Example:
{
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"code": "34799",
"makenoise_id": "34e42008-777a-4700-935e-f13070b84cd7"
}
HTTP status code 200
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
Make a call to customer to confirm recovery request. Be sure you have an appropriate amount of your account balance and were created text-to-speech message (account.secondfactor.io/account/content/call_text_template/) or load records (account.secondfactor.io/account/content/record_template/) before sending a request. The response returns copy of provided data.
post /customer/call_recovery/
Make a call to customer to confirm recovery request. Be sure you have an appropriate amount of your account balance and were created text-to-speech message (account.secondfactor.io/account/content/call_text_template/) or load records (account.secondfactor.io/account/content/record_template/) before sending a request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- oldAddr: required (string)
Customer's old wallet address in ethereum etoken contract.
- newAddr: required (string)
Customer's new wallet address in ethereum etoken contract.
- vTenant: required (string)
v binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- rTenant: required (string)
hex from r binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- sTenant: required (string)
hex from s binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- nonceTenant: required (string)
unique nonce for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- user_id: required (string)
External id of customer.
Example:
{
"oldAddr": "0x06c7607fea331D13C17a31E067Ee12A1231a2e8b",
"newAddr": "0x06c7607fea331D13C17a31E067Ee12A1231a2e48",
"rTenant": "37373067327934684150003069652436424164709637804483900946094207067076073299906",
"sTenant": "33588208770429537150211323532503275307743948959119560275894539333333012548613",
"vTenant": "28L",
"nonceTenant": "d94fbdbd-efba-4e42-babf-4b8933a5d1fa",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 201
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
Send a sms to customer for confirm recovery request. Be sure you have an appropriate amount of your account balance and was created a message for sms (account.secondfactor.io/account/content/sms_template/) before sending a request. The response returns copy of provided data.
post /customer/sms_recovery/
Send a sms to customer for confirm recovery request. Be sure you have an appropriate amount of your account balance and was created a message for sms (account.secondfactor.io/account/content/sms_template/) before sending a request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- oldAddr: required (string)
Customer's old wallet address in ethereum etoken contract.
- newAddr: required (string)
Customer's new wallet address in ethereum etoken contract.
- vTenant: required (string)
v binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- rTenant: required (string)
hex from r binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- sTenant: required (string)
hex from s binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- nonceTenant: required (string)
unique nonce for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- user_id: required (string)
External id of customer.
Example:
{
"oldAddr": "0x06c7607fea331D13C17a31E067Ee12A1231a2e8b",
"newAddr": "0x06c7607fea331D13C17a31E067Ee12A1231a2e48",
"rTenant": "37373067327934684150003069652436424164709637804483900946094207067076073299906",
"sTenant": "33588208770429537150211323532503275307743948959119560275894539333333012548613",
"vTenant": "28L",
"nonceTenant": "d94fbdbd-efba-4e42-babf-4b8933a5d1fa",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 201
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
The endpoint receives code which was sent to customer and customer id for projects with etoken protocol. To verify the code is valid and to match the customer phone number. If code is valid the response returns ethereum txHash.
post /customer/confirm/
The endpoint receives code which was sent to customer and customer id for projects with etoken protocol. To verify the code is valid and to match the customer phone number. If code is valid the response returns ethereum txHash.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- code: required (string)
verification code was sent to customer.
- user_id: required (string)
External id of customer.
Example:
{
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa45",
"code": "45896"
}
HTTP status code 200
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
"txHash": "0x7a0f62ffd3d00b929b57b481a9ea7ef10f5aba03e3fef1f2657e62c53387a381"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
Create a customer for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
post /customer/cosigning_protocol/create/
Create a customer for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- userEthAddress: required (string)
Customer's wallet address in ethereum etoken contract.
- signupHexData: required (string)
ethereum contract invocation data, hex string.
- phone: required (string)
A phone number with country and city codes (numbers only, with plus sign, no brackets or other characters - e.g +6282144726437).
- email: required (string)
Valid customer's email address.
- first_name: (string)
Customer's first name.
- last_name: (string)
Customer's last name.
- via: required (one of sms, call, telegram, whatsapp)
Default RecoveryType for customer
- language: required (one of da-DK, de-DE, en-GB, es-ES, fi-FI, fr-FR, it-IT, ja-JP, ko-KR, nb-NO, nl-NL, pl-PL, pt-PT, ru-RU, sv-SE, zh-CN)
Customer's language
- user_id: required (string)
External id of customer.
Example:
{
"userEthAddress": "0x1ff21eca1c3ba96ed53783ab9c92ffbf77862584",
"signupHexData": "0x82fc49b80000000000000000000000001c4a10b09f54c2a2601b71e7644124efefd2cd7b",
"phone": "+66617524450",
"email": "customer_email@test.com",
"via": "sms",
"language": "ru-RU",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 201
Copy of provided data
Body
Media type: application/json
Type: any
Example:
{
"userEthAddress": "0x1ff21eca1c3ba96ed53783ab9c92ffbf77862584",
"signupHexData": "0x82fc49b80000000000000000000000001c4a10b09f54c2a2601b71e7644124efefd2cd7b",
"phone": "+66617524450",
"email": "customer_email@test.com",
"via": "sms",
"language": "ru-RU",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"makenoise_id":"544bc5a3-664c-47aa-8129-1baeaf389ff7"
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
Send a sms to customer to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before sending a request.
post /customer/cosigning_protocol/sms/
Send a sms to customer to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before sending a request.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- signupHexData: required (string)
ethereum contract invocation data, hex string.
- user_id: required (string)
External id of customer.
Example:
{
"signupHexData": "0x82fc49b80000000000000000000000001c4a10b09f54c2a2601b71e7644124efefd2cd7b",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 201
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"makenoise_id":"45a4beae-e954-4f3d-b96d-d2f1e79407f4"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
Make a call to customer to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance and were created text-to-speech message (account.secondfactor.io/account/content/call_text_template/) or load records (account.secondfactor.io/account/content/record_template/) before sending a request.
post /customer/cosigning_protocol/call/
Make a call to customer to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance and were created text-to-speech message (account.secondfactor.io/account/content/call_text_template/) or load records (account.secondfactor.io/account/content/record_template/) before sending a request.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- signupHexData: required (string)
ethereum contract invocation data, hex string.
- user_id: required (string)
External id of customer.
Example:
{
"signupHexData": "0x82fc49b80000000000000000000000001c4a10b09f54c2a2601b71e7644124efefd2cd7b",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 201
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"makenoise_id":"45a4beae-e954-4f3d-b96d-d2f1e79407f4"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
Send a messege to customer via telegram messanger to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before sending a request.
post /customer/cosigning_protocol/telegram/
Send a messege to customer via telegram messanger to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before sending a request.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- signupHexData: required (string)
ethereum contract invocation data, hex string.
- user_id: required (string)
External id of customer.
Example:
{
"signupHexData": "0x82fc49b80000000000000000000000001c4a10b09f54c2a2601b71e7644124efefd2cd7b",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 201
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"makenoise_id":"45a4beae-e954-4f3d-b96d-d2f1e79407f4"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
Send a messege to customer via whatsapp messanger to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before sending a request.
post /customer/cosigning_protocol/whatsapp/
Send a messege to customer via whatsapp messanger to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before sending a request.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- signupHexData: required (string)
ethereum contract invocation data, hex string.
- user_id: required (string)
External id of customer.
Example:
{
"signupHexData": "0x82fc49b80000000000000000000000001c4a10b09f54c2a2601b71e7644124efefd2cd7b",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 201
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"makenoise_id":"45a4beae-e954-4f3d-b96d-d2f1e79407f4"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
The endpoint receives code which was sent to customer and customer id for projects with cosigning protocol. To verify the code is valid and to match the customer phone number. If code is valid the response returns signed_data (vrs) and nonce.
post /customer/cosigning_protocol/confirm/
The endpoint receives code which was sent to customer and customer id for projects with cosigning protocol. To verify the code is valid and to match the customer phone number. If code is valid the response returns signed_data (vrs) and nonce.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- code: required (string)
verification code was sent to customer.
- user_id: required (string)
External id of customer.
Example:
{
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa45",
"code": "45896",
"makenoise_id": "544bc5a3-664c-47aa-8129-1baeaf389ff7"
}
HTTP status code 200
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
'nonce': '0x0000000000000000000000000000000073526314ad58469f8254df072fb9a81c',
'signed_data': {
'v': '0x1b',
'r': '0xe2bbd675833b7ed9ccf1b996a63df7a4bc48bd172c3a9fd299a31b63ccc777f1',
's': '0x6a3ca8164ec2239dd723444c655b6b662e1109bc67d68fff6f38c27a006c36f4'
},
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
Create a customer for the project with omni protocol. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
post /customer/omni/create/
Create a customer for the project with omni protocol. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- phone: required (string)
A phone number with country and city codes (numbers only, with plus sign, no brackets or other characters - e.g +6282144726437).
- email: required (string)
Valid customer's email address.
- first_name: (string)
Customer's first name.
- last_name: (string)
Customer's last name.
- via: required (string)
Default RecoveryType for customer
- language: required (one of da-DK, de-DE, en-GB, es-ES, fi-FI, fr-FR, it-IT, ja-JP, ko-KR, nb-NO, nl-NL, pl-PL, pt-PT, ru-RU, sv-SE, zh-CN)
Customer's language
- user_id: required (string)
Customer external id.
Example:
{
"first_name": "Darth",
"last_name": "Vader",
"phone": "+66617524450",
"email": "customer_email@test.com",
"via": "sms",
"language": "ru-RU",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 201
Copy of provided data
Body
Media type: application/json
Type: any
Example:
{
"first_name": "Darth",
"last_name": "Vader",
"phone": "+66617524450",
"email": "customer_email@test.com",
"via": "sms",
"language": "ru-RU",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
Send a sms to customer to confirm the action (recovery etc.) for the project with omni protocol. Be sure you have an appropriate amount of your account balance before sending a request.
post /customer/omni/sms/
Send a sms to customer to confirm the action (recovery etc.) for the project with omni protocol. Be sure you have an appropriate amount of your account balance before sending a request.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- determined_pub_key: required (string)
Project public key.
- signup_data: required (array of any)
List of hashes have to sign.
- user_id: required (string)
Unique customer external id.
- entropy: required (string)
Unique UUID string.
Example:
{
"determined_pub_key": "02b037e8096ee5abf62d1a934e401b93d90a8fc8a839abe441180c4efe4f754d95",
"signup_data": [
"486eba2a15bdd073d6973c3f455094a1cfa3e461b7cb94ba1a79e150665bb0e8"
],
"user_id": "9a94633c-cbf7-456a-9eb5-55cdd1f143f1",
"entropy": "8bd83d67-4e6d-4143-9c17-20d9002d7963"
}
HTTP status code 201
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
"user_id": "9a94633c-cbf7-456a-9eb5-55cdd1f143f1"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
Make a call to customer to confirm the action (recovery etc.) for the project with omni protocol. Be sure you have an appropriate amount of your account balance and were created text-to-speech message (account.secondfactor.io/account/content/call_text_template/) or load records (account.secondfactor.io/account/content/record_template/) before sending a request.
post /customer/omni/call/
Make a call to customer to confirm the action (recovery etc.) for the project with omni protocol. Be sure you have an appropriate amount of your account balance and were created text-to-speech message (account.secondfactor.io/account/content/call_text_template/) or load records (account.secondfactor.io/account/content/record_template/) before sending a request.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- determined_pub_key: required (string)
Project public key.
- signup_data: required (array of any)
List of hashes have to sign.
- user_id: required (string)
Unique customer external id.
- entropy: required (string)
Unique UUID string.
Example:
{
"determined_pub_key": "02b037e8096ee5abf62d1a934e401b93d90a8fc8a839abe441180c4efe4f754d95",
"signup_data": [
"486eba2a15bdd073d6973c3f455094a1cfa3e461b7cb94ba1a79e150665bb0e8"
],
"user_id": "9a94633c-cbf7-456a-9eb5-55cdd1f143f1",
"entropy": "8bd83d67-4e6d-4143-9c17-20d9002d7963"
}
HTTP status code 201
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
"user_id": "9a94633c-cbf7-456a-9eb5-55cdd1f143f1"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}
The endpoint receives code which was sent to customer and customer id for projects with omni protocol. To verify the code is valid and to match the customer phone number. If code is valid the response returns signed hashes.
post /customer/omni/confirm/
The endpoint receives code which was sent to customer and customer id for projects with omni protocol. To verify the code is valid and to match the customer phone number. If code is valid the response returns signed hashes.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Example:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Example:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Example:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- code: required (string)
verification code was sent to customer.
- user_id: required (string)
External id of customer.
Example:
{
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa45",
"code": "45896"
}
HTTP status code 200
Returns signatures only for confirm recovery.
Body
Media type: application/json
Type: any
Example:
{
"result": "ok",
"signatures": ["30450221008c2d853c99a3f5820b7814dd67d58781d3125acba80cae4588616aea3869795002207e8038693701eca676ad928b9790ee04dc8c5c9cf3ef4efca1bd5a5c412c0537"]
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: any
Example:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: any
Example:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: any
Example:
{
"error": "Invalid Signature",
}