Second Factor API documentation version v2
https://account.secondfactor.io/api/{version}
- version: required (v2)
EToken cosigner protocol
Service that provides common signatures for Ethereum on-chain verification in Cosigner Smart Contract.
EToken protocol
Service that utilizes Recovery contract to perform deprecated EToken recovery procedure through trust().
Omni protocol
Java application for Wallet3 security scheme, installed on SecondFactor side.
/customer
Create a customer for the project. If a client uses ambisafe etoken contract firstly verified customer then creating the customer in ethereum recovery contract. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
post /customer/create/
Create a customer for the project. If a client uses ambisafe etoken contract firstly verified customer then creating the customer in ethereum recovery contract. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- nonceTenant: required (string)
unique nonce for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- vTenant: required (string)
v binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- address: required (string)
Customer's wallet address in ethereum etoken contract.
- email: required (string)
Valid customer's email address.
- first_name: (string)
Customer's first name.
- phone: required (string)
A phone number with country and city codes (numbers only, with plus sign, no brackets or other characters - e.g +6282144726437).
- via: required (string)
Default RecoveryType for customer
- sTenant: required (string)
hex from s binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- language: required (one of da-DK, de-DE, en-GB, es-ES, fi-FI, fr-FR, it-IT, ja-JP, ko-KR, nb-NO, nl-NL, pl-PL, pt-PT, ru-RU, sv-SE, zh-CN)
Customer's language
- last_name: (string)
Customer's last name.
- user_id: required (string)
External id of customer.
- rTenant: required (string)
hex from r binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
Examples:
{
"address": "0x06c7607fea331D13C17a31E067Ee12A1231a2e8b",
"phone": "+66617524450",
"email": "customer_email@test.com",
"via": "sms",
"rTenant": "37373067327934684150003069652436424164709637804483900946094207067076073299906",
"sTenant": "33588208770429537150211323532503275307743948959119560275894539333333012548613",
"vTenant": "28L",
"nonceTenant": "072f0f7f-89af-434b-90f2-244d4aeba46e",
"language": "ru-RU",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 201
Copy of provided data
Body
Media type: application/json
Type: object
Examples:
{
"address": "0x06c7607fea331D13C17a31E067Ee12A1231a2e8b",
"phone": "+66617524450",
"email": "customer_email@test.com",
"via": "sms",
"rTenant": "37373067327934684150003069652436424164709637804483900946094207067076073299906",
"sTenant": "33588208770429537150211323532503275307743948959119560275894539333333012548613",
"vTenant": "28L",
"nonceTenant": "072f0f7f-89af-434b-90f2-244d4aeba46e",
"language": "ru-RU",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer already exist and verified",
"error": "The endpoint is valid only for projects using etoken protocol",
"error": "Verify via email not allowed",
"error": "Customer not found",
"error": "SF Create customer error: {'__all__': [ValidationError(['Customer with
userEthAddress=0x5df8bc495c9cd3f22a62713a772c6aea42fdc3dc already exists.'])]}",
"error": "{'phone': ['Brazil: Enter a valid phone number']}"
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Auth headers not set",
"error": "API-%s not set in headers.",
"error": "Invalid API-NONCE in headers",
"error": "Invalid credentials."
}
HTTP status code 402
Payment error.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Your organization balance less than 1$. Recharge error:
Request req_LCQUpZwjzmJ55M: Your card was declined.",
"error": "Recharge error has occurred. If you've refilled your credit
card please or set up a new one, activate payments by credit
card on https://account.secondfactor.io/account/billing/",
"error": "Please, set card details https://account.secondfactor.io/account/billing/"
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
"error": "Invalid ip address",
"error": "Invalid nonce"
}
The endpoint returns information about all project's customers. The response includes lists the customers and display all details about each customer.
get /customer/list/
The endpoint returns information about all project's customers. The response includes lists the customers and display all details about each customer.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
HTTP status code 200
Body
Media type: application/json
Type: array
Examples:
[
{
"email": "test@test.com",
"language_id": 24,
"created": "2016-06-04T06:07:58.014Z",
"via_id": 1,
"first_name": "Marina",
"phone": "+380665077150",
"external_id": "357159",
"project_id": 1,
"updated": "2016-06-04T06:07:58.014Z",
"is_verified": false,
"id": 2,
"locked": false,
"last_name": "Secondname",
"hash": "6a8c7fa5ae199f94f6ef0c944ad21de2"
},
{
"email": "test@test.com",
"language_id": 9,
"created": "2016-06-04T06:07:58.014Z",
"via_id": 1,
"first_name": "Test_name",
"phone": "+380666039388",
"external_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"project_id": 1,
"updated": "2016-06-04T06:07:58.014Z",
"is_verified": true,
"id": 1,
"locked": false,
"last_name": "Test Second_name",
"hash": "b6f8249c64018946a9c8ec38622e8fc2"
}
]Get customer by user id. The response is a list with one element that displays all details about customer.
post /customer/id/
Get customer by user id. The response is a list with one element that displays all details about customer.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
HTTP status code 200
Body
Media type: application/json
Type: array
Examples:
[
{
"email": "test@test.com",
"language_id": 24,
"created": "2016-06-04T06:07:58.014Z",
"via_id": 1,
"first_name": "Marina",
"phone": "+380665077150",
"external_id": "357159",
"project_id": 1,
"updated": "2016-06-04T06:07:58.014Z",
"is_verified": false,
"id": 2,
"locked": false,
"last_name": "Secondname",
"hash": "6a8c7fa5ae199f94f6ef0c944ad21de2"
}
]Update customer's phone number for the project. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
post /customer/update_phone_number/
Update customer's phone number for the project. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- new_phone: required (string)
A phone number with country and city codes (numbers only, with plus sign, no brackets or other characters - e.g +6282144726437).
- via: required (string)
Default RecoveryType for customer
- user_id: required (string)
External id of customer.
Examples:
{
"new_phone": "+66617524450",
"via": "sms",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 200
Copy of provided data
Body
Media type: application/json
Type: object
Examples:
{
"new_phone": "+66617524450",
"via": "sms",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
"makenoise_id": "544bc5a3-664c-47aa-8129-1baeaf389ff7"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
The endpoint receives code which was sent to customer, customer id and request(makenoise) id to update customer phone number. To verify the code is valid and to match the customer phone number. If code is valid the response returns result "ok".
post /customer/confirm_update_phone_number/
The endpoint receives code which was sent to customer, customer id and request(makenoise) id to update customer phone number. To verify the code is valid and to match the customer phone number. If code is valid the response returns result "ok".
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- code: required (string)
verification code was sent to customer.
- user_id: required (string)
External id of customer.
- makenoise_id: required (string)
unique request id.
Examples:
{
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"code": "05856",
"makenoise_id": "544bc5a3-664c-47aa-8129-1baeaf389ff7"
}HTTP status code 200
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok",
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
Update customer's email for the project. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
post /customer/update_email/
Update customer's email for the project. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- new_email: required (string)
An email address.
- via: required (string)
Default RecoveryType for customer
- user_id: required (string)
External id of customer.
Examples:
{
"new_email": "test_new@gmail.com",
"via": "sms",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 200
Copy of provided data
Body
Media type: application/json
Type: object
Examples:
{
"new_email": "test_new@gmail.com",
"via": "sms",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
"makenoise_id": "34e42008-777a-4700-935e-f13070b84cd7"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
The endpoint receives code which was sent to customer, customer id and request(makenoise) id to update customer email. To verify the code is valid and to match the customer email. If code is valid the response returns result "ok".
post /customer/confirm_update_email/
The endpoint receives code which was sent to customer, customer id and request(makenoise) id to update customer email. To verify the code is valid and to match the customer email. If code is valid the response returns result "ok".
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- code: required (string)
verification code was sent to customer.
- user_id: required (string)
External id of customer.
- makenoise_id: required (string)
unique request id.
Examples:
{
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"code": "34799",
"makenoise_id": "34e42008-777a-4700-935e-f13070b84cd7"
}HTTP status code 200
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok",
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
Make a call to customer to confirm recovery request. Be sure you have an appropriate amount of your account balance and were created text-to-speech message (account.secondfactor.io/account/content/call_text_template/) or load records (account.secondfactor.io/account/content/record_template/) before sending a request. The response returns copy of provided data.
post /customer/call_recovery/
Make a call to customer to confirm recovery request. Be sure you have an appropriate amount of your account balance and were created text-to-speech message (account.secondfactor.io/account/content/call_text_template/) or load records (account.secondfactor.io/account/content/record_template/) before sending a request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- oldAddr: required (string)
Customer's old wallet address in ethereum etoken contract.
- newAddr: required (string)
Customer's new wallet address in ethereum etoken contract.
- vTenant: required (string)
v binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- rTenant: required (string)
hex from r binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- sTenant: required (string)
hex from s binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- nonceTenant: required (string)
unique nonce for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- user_id: required (string)
External id of customer.
Examples:
{
"oldAddr": "0x06c7607fea331D13C17a31E067Ee12A1231a2e8b",
"newAddr": "0x06c7607fea331D13C17a31E067Ee12A1231a2e48",
"rTenant": "37373067327934684150003069652436424164709637804483900946094207067076073299906",
"sTenant": "33588208770429537150211323532503275307743948959119560275894539333333012548613",
"vTenant": "28L",
"nonceTenant": "d94fbdbd-efba-4e42-babf-4b8933a5d1fa",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 201
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
Send a sms to customer for confirm recovery request. Be sure you have an appropriate amount of your account balance and was created a message for sms (account.secondfactor.io/account/content/sms_template/) before sending a request. The response returns copy of provided data.
post /customer/sms_recovery/
Send a sms to customer for confirm recovery request. Be sure you have an appropriate amount of your account balance and was created a message for sms (account.secondfactor.io/account/content/sms_template/) before sending a request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- oldAddr: required (string)
Customer's old wallet address in ethereum etoken contract.
- newAddr: required (string)
Customer's new wallet address in ethereum etoken contract.
- vTenant: required (string)
v binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- rTenant: required (string)
hex from r binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- sTenant: required (string)
hex from s binary string for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- nonceTenant: required (string)
unique nonce for singning ethereum transaction. Is required for projects which use ambisafe etoken contract.
- user_id: required (string)
External id of customer.
Examples:
{
"oldAddr": "0x06c7607fea331D13C17a31E067Ee12A1231a2e8b",
"newAddr": "0x06c7607fea331D13C17a31E067Ee12A1231a2e48",
"rTenant": "37373067327934684150003069652436424164709637804483900946094207067076073299906",
"sTenant": "33588208770429537150211323532503275307743948959119560275894539333333012548613",
"vTenant": "28L",
"nonceTenant": "d94fbdbd-efba-4e42-babf-4b8933a5d1fa",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 201
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
The endpoint receives code which was sent to customer and customer id for projects with etoken protocol. To verify the code is valid and to match the customer phone number. If code is valid the response returns ethereum txHash.
post /customer/confirm/
The endpoint receives code which was sent to customer and customer id for projects with etoken protocol. To verify the code is valid and to match the customer phone number. If code is valid the response returns ethereum txHash.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- code: required (string)
verification code was sent to customer.
- user_id: required (string)
External id of customer.
- makenoise_id: (string)
Intermnal id of customer's contact.
Examples:
{
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa45",
"code": "45896"
}HTTP status code 200
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok",
"txHash": "0x7a0f62ffd3d00b929b57b481a9ea7ef10f5aba03e3fef1f2657e62c53387a381"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
Create a customer for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
post /customer/cosigning_protocol/create/
Create a customer for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- email: required (string)
Valid customer's email address.
- first_name: (string)
Customer's first name.
- signupHexData: required (string)
ethereum contract invocation data, hex string.
- phone: required (string)
A phone number with country and city codes (numbers only, with plus sign, no brackets or other characters - e.g +6282144726437).
- via: required (one of sms, call, telegram, whatsapp)
Default RecoveryType for customer
- userEthAddress: required (string)
Customer's wallet address in ethereum etoken contract.
- language: required (one of da-DK, de-DE, en-GB, es-ES, fi-FI, fr-FR, it-IT, ja-JP, ko-KR, nb-NO, nl-NL, pl-PL, pt-PT, ru-RU, sv-SE, zh-CN)
Customer's language
- last_name: (string)
Customer's last name.
- user_id: required (string)
External id of customer.
Examples:
{
"userEthAddress": "0x1ff21eca1c3ba96ed53783ab9c92ffbf77862584",
"signupHexData": "0x82fc49b80000000000000000000000001c4a10b09f54c2a2601b71e7644124efefd2cd7b",
"phone": "+66617524450",
"email": "customer_email@test.com",
"via": "sms",
"language": "ru-RU",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 201
Copy of provided data
Body
Media type: application/json
Type: object
Examples:
{
"userEthAddress": "0x1ff21eca1c3ba96ed53783ab9c92ffbf77862584",
"signupHexData": "0x82fc49b80000000000000000000000001c4a10b09f54c2a2601b71e7644124efefd2cd7b",
"phone": "+66617524450",
"email": "customer_email@test.com",
"via": "sms",
"language": "ru-RU",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"makenoise_id":"544bc5a3-664c-47aa-8129-1baeaf389ff7"
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
Send a sms to customer to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before sending a request.
post /customer/cosigning_protocol/sms/
Send a sms to customer to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before sending a request.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- signupHexData: required (string)
ethereum contract invocation data, hex string.
- user_id: required (string)
External id of customer.
Examples:
{
"signupHexData": "0x82fc49b80000000000000000000000001c4a10b09f54c2a2601b71e7644124efefd2cd7b",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 201
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"makenoise_id":"45a4beae-e954-4f3d-b96d-d2f1e79407f4"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
Make a call to customer to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance and were created text-to-speech message (account.secondfactor.io/account/content/call_text_template/) or load records (account.secondfactor.io/account/content/record_template/) before sending a request.
post /customer/cosigning_protocol/call/
Make a call to customer to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance and were created text-to-speech message (account.secondfactor.io/account/content/call_text_template/) or load records (account.secondfactor.io/account/content/record_template/) before sending a request.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- signupHexData: required (string)
ethereum contract invocation data, hex string.
- user_id: required (string)
External id of customer.
Examples:
{
"signupHexData": "0x82fc49b80000000000000000000000001c4a10b09f54c2a2601b71e7644124efefd2cd7b",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 201
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"makenoise_id":"45a4beae-e954-4f3d-b96d-d2f1e79407f4"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
Send a messege to customer via telegram messanger to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before sending a request.
post /customer/cosigning_protocol/telegram/
Send a messege to customer via telegram messanger to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before sending a request.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- signupHexData: required (string)
ethereum contract invocation data, hex string.
- user_id: required (string)
External id of customer.
Examples:
{
"signupHexData": "0x82fc49b80000000000000000000000001c4a10b09f54c2a2601b71e7644124efefd2cd7b",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 201
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"makenoise_id":"45a4beae-e954-4f3d-b96d-d2f1e79407f4"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
Send a messege to customer via whatsapp messanger to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before sending a request.
post /customer/cosigning_protocol/whatsapp/
Send a messege to customer via whatsapp messanger to confirm the action (recovery etc.) for the project with cosigning protocol. Be sure you have an appropriate amount of your account balance before sending a request.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- signupHexData: required (string)
ethereum contract invocation data, hex string.
- user_id: required (string)
External id of customer.
Examples:
{
"signupHexData": "0x82fc49b80000000000000000000000001c4a10b09f54c2a2601b71e7644124efefd2cd7b",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 201
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f",
"makenoise_id":"45a4beae-e954-4f3d-b96d-d2f1e79407f4"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
The endpoint receives code which was sent to customer and customer id for projects with cosigning protocol. To verify the code is valid and to match the customer phone number. If code is valid the response returns signed_data (vrs) and nonce.
post /customer/cosigning_protocol/confirm/
The endpoint receives code which was sent to customer and customer id for projects with cosigning protocol. To verify the code is valid and to match the customer phone number. If code is valid the response returns signed_data (vrs) and nonce.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- code: required (string)
verification code was sent to customer.
- user_id: required (string)
External id of customer.
- makenoise_id: (string)
Intermnal id of customer's contact.
Examples:
{
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa45",
"code": "45896",
"makenoise_id": "544bc5a3-664c-47aa-8129-1baeaf389ff7"
}HTTP status code 200
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok",
'nonce': '0x0000000000000000000000000000000073526314ad58469f8254df072fb9a81c',
'signed_data': {
'v': '0x1b',
'r': '0xe2bbd675833b7ed9ccf1b996a63df7a4bc48bd172c3a9fd299a31b63ccc777f1',
's': '0x6a3ca8164ec2239dd723444c655b6b662e1109bc67d68fff6f38c27a006c36f4'
},
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
Create a customer for the project with omni protocol. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
post /customer/omni/create/
Create a customer for the project with omni protocol. Be sure you have an appropriate amount of your account balance before send request. The response returns copy of provided data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- phone: required (string)
A phone number with country and city codes (numbers only, with plus sign, no brackets or other characters - e.g +6282144726437).
- email: required (string)
Valid customer's email address.
- first_name: (string)
Customer's first name.
- last_name: (string)
Customer's last name.
- via: required (string)
Default RecoveryType for customer
- language: required (one of da-DK, de-DE, en-GB, es-ES, fi-FI, fr-FR, it-IT, ja-JP, ko-KR, nb-NO, nl-NL, pl-PL, pt-PT, ru-RU, sv-SE, zh-CN)
Customer's language
- user_id: required (string)
Customer external id.
Examples:
{
"first_name": "Darth",
"last_name": "Vader",
"phone": "+66617524450",
"email": "customer_email@test.com",
"via": "sms",
"language": "ru-RU",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 201
Copy of provided data
Body
Media type: application/json
Type: object
Examples:
{
"first_name": "Darth",
"last_name": "Vader",
"phone": "+66617524450",
"email": "customer_email@test.com",
"via": "sms",
"language": "ru-RU",
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
Send a sms to customer to confirm the action (recovery etc.) for the project with omni protocol. Be sure you have an appropriate amount of your account balance before sending a request.
post /customer/omni/sms/
Send a sms to customer to confirm the action (recovery etc.) for the project with omni protocol. Be sure you have an appropriate amount of your account balance before sending a request.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- determined_pub_key: required (string)
Project public key.
- signup_data: required (array)
List of hashes have to sign.
- user_id: required (string)
Unique customer external id.
- entropy: required (string)
Unique UUID string.
Examples:
{
"determined_pub_key": "02b037e8096ee5abf62d1a934e401b93d90a8fc8a839abe441180c4efe4f754d95",
"signup_data": [
"486eba2a15bdd073d6973c3f455094a1cfa3e461b7cb94ba1a79e150665bb0e8"
],
"user_id": "9a94633c-cbf7-456a-9eb5-55cdd1f143f1",
"entropy": "8bd83d67-4e6d-4143-9c17-20d9002d7963"
}HTTP status code 201
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok",
"user_id": "9a94633c-cbf7-456a-9eb5-55cdd1f143f1"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
Make a call to customer to confirm the action (recovery etc.) for the project with omni protocol. Be sure you have an appropriate amount of your account balance and were created text-to-speech message (account.secondfactor.io/account/content/call_text_template/) or load records (account.secondfactor.io/account/content/record_template/) before sending a request.
post /customer/omni/call/
Make a call to customer to confirm the action (recovery etc.) for the project with omni protocol. Be sure you have an appropriate amount of your account balance and were created text-to-speech message (account.secondfactor.io/account/content/call_text_template/) or load records (account.secondfactor.io/account/content/record_template/) before sending a request.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- determined_pub_key: required (string)
Project public key.
- signup_data: required (array)
List of hashes have to sign.
- user_id: required (string)
Unique customer external id.
- entropy: required (string)
Unique UUID string.
Examples:
{
"determined_pub_key": "02b037e8096ee5abf62d1a934e401b93d90a8fc8a839abe441180c4efe4f754d95",
"signup_data": [
"486eba2a15bdd073d6973c3f455094a1cfa3e461b7cb94ba1a79e150665bb0e8"
],
"user_id": "9a94633c-cbf7-456a-9eb5-55cdd1f143f1",
"entropy": "8bd83d67-4e6d-4143-9c17-20d9002d7963"
}HTTP status code 201
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok",
"user_id": "9a94633c-cbf7-456a-9eb5-55cdd1f143f1"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer not found",
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}
The endpoint receives code which was sent to customer and customer id for projects with omni protocol. To verify the code is valid and to match the customer phone number. If code is valid the response returns signed hashes.
post /customer/omni/confirm/
The endpoint receives code which was sent to customer and customer id for projects with omni protocol. To verify the code is valid and to match the customer phone number. If code is valid the response returns signed hashes.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- code: required (string)
verification code was sent to customer.
- user_id: required (string)
External id of customer.
- makenoise_id: (string)
Intermnal id of customer's contact.
Examples:
{
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa45",
"code": "45896"
}Delete customer's personal data.
post /customer/delete_personal_data/
Delete customer's personal data.
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
Body
Media type: application/json
Type: object
Properties- user_id: required (string)
External id of customer.
Examples:
{
"user_id": "9f147326-9ef9-4df5-ac95-a642c020aa4f"
}HTTP status code 200
Body
Media type: application/json
Type: object
Examples:
{
"result": "ok"
}
HTTP status code 400
Validation error
Body
Media type: application/json
Type: object
Examples:
{
"error": "Customer's personal data was deleted previously."
}
HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Auth headers not set"
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature"
}
/organization
Get organization's balance
get /organization/get_balance/
Get organization's balance
Headers
- API-KEY: required (string)
The API key for your Second Factor project. You can find your API key at https://secondfactor.io/account/security/. You can also regenerate your API key on that page.
Examples:
79dc4ccdac4d327912ffbb2993bd267e29c4e118
- API-NONCE: required (string)
A time expressed in seconds since the epoch to a struct_time in UTC. Is unique and not older than 60 seconds from current time.
Examples:
1479710878
- API-SIGNATURE: required (string)
Must be hmac sha512 of request. The control signature is generating by sticking together nonce + apikey + endpoint + key and values of transmitted parameters in alphabetical order of their names. Calculate the SHA512 of secret_key and this string. Return the hexdigest of a SHA512 hmac object.
Examples:
nonce = "1476266306" key = "0fc82a4cb0bc5f5b6c83996681081f523025fc90" endpoint = "customer/create/" for parameters: data = { 'vTenant': '28', email': 'customer_email@test.com', 'rTenant':"80343995002341751670556532401275990382866524231612937606671414392342869672984", 'nonceTenant': 6a936089-8b2c-474b-9578-02b995e9b386', 'via': 'sms', 'address': '0x9e2b6c911f80af7d50816e8997c969b848ca2f2d', 'phone': '+380636039388', 'sTenant': '29999047416041694428665286738030678997554793404742960808065820977490552582672', 'language': 'ru-RU' } string representation of the request body will looks like: address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms msg will looks like: msg = 14762663060fc82a4cb0bc5f5b6c83996681081f523025fc90customer/create/address0x9e2b6c911f80af7d50816e8997c969b848ca2f2demailcustomer_email@test.comlanguageru-RUnonceTenant6a936089-8b2c-474b-9578-02b995e9b386phone+380636039388rTenant80343995002341751670556532401275990382866524231612937606671414392342869672984sTenant29999047416041694428665286738030678997554793404742960808065820977490552582672vTenant28viasms Finally, secret_key = "your_secret_key" sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() Example signature Python: def get_signature(data, nonce, apikey, endpoint, secret_key): keys_sorted = sorted(data.keys()) result_request_body_string = "".join((key + str(data[key])) for key in keys_sorted) msg = str(nonce) + str(apikey) + endpoint + result_request_body_string sign_hash = hmac.new(secret_key.encode('utf-8'), msg.encode('utf-8'), digestmod='SHA512').hexdigest() return sign_hash
HTTP status code 200
Body
Media type: application/json
Type: object
Examples:
{
"organization_name": "Poly",
"balance_usd": 162.25
}HTTP status code 401
Authentication error. Invalid credentials.
Body
Media type: application/json
Type: object
Examples:
{
"error": " Auth headers not set",
}
HTTP status code 403
Permission deny error. In case if invalid ip address, nonce or signature.
Body
Media type: application/json
Type: object
Examples:
{
"error": "Invalid Signature",
}