...
Unauthorized user
Operations:
- Login | switchable, depends on MFA
- get email/phone number OTT (MFA) – "api/v1/token/login/email" ,+ requestBody: "api/v1/token/login/mobile" or "api/v1/token/login/email"
- {"type": "email/phoneNumber", "processingId": UUID}
- get OTT (email by default, if there is no email, then phone number) – "api/v1/token/password"
- get email/phone number OTT (MFA) – "api/v1/token/login/email" ,+ requestBody: "api/v1/token/login/mobile" or "api/v1/token/login/email"
- Reset password
- get OTT (email or phone number, depending on which option has been chosen by user) – "api/v1/token/recovery/password"
password/recovery" + requestBody: {"processingId": UUID} + responseBody: {"destination": ..., "expiration": ...}
- get OTT (email or phone number, depending on which option has been chosen by user) – "api/v1/token/recovery/password"
- MFA recovery | switchable, depends on MFA
- get email/phone number OTT for verification –
- get email OTT for verification
- get phone number OTT for verification
- get email OTT for changing email – "api/v1/token/mfa/recovery/security/email"verification" + requestBody: {"destination": "email/phoneNumber", "processingId": UUID} + responseBody: {"destination": ..., "expiration": UUID} + validate if recovered type not passed as OTT
- get email/get phone number OTT for changing phone number – user key – "api/v1/token/recovery/security/mobile"mfa/recovery/newKey" + responseBody: {"destination": ..., "expiration": UUID}
- Registration
- registration OTT (email or phone number, depending on which option has been chosen by user) – "api/v1/token/registration" + requestBody: {"processingId": UUID} + responseBody: {"destination": ..., "expiration": UUID}
Authorized user
Operations:
- Change passwordEmail managment
- get OTT passing required operation: change/remove email, change/remove anti-phishing code – (email by default, if there is no email, then phone number) – "api/v1/token/email"
- /password/changing" + responseBody: {"destination": ..., "expiration": UUID}
- get OTT passing required operation: change/remove email, change/remove anti-phishing code – (email by default, if there is no email, then phone number) – "api/v1/token/email"
- User key management (TO BE DISCUSSED)
- get OTT passing required operation: change/remove phone number – email/phoneNumber – "api/v1/token/mobile"
- userKeys" + requestBody: {"operation": ..., "userKeyType": ...} + responseBody: {"destination": ..., "expiration": UUID}
- get OTT for new user key –
- get OTT – "api/v1/token/emailAdding"
newKey" + requestBody: {"destination": ...} + responseBody: {"destination": ..., "expiration": UUID} + reject if
- get OTT passing required operation: change/remove phone number – email/phoneNumber – "api/v1/token/mobile"
- Anti-phising code | switchable, depends on anti-phishing
- get OTT – "api/v1/token/antiPhishing/mobileAddingchanging"
- get OTT – "api/v1/token/antiPhishing/mobileAddingchanging"
- Disable MFA | switchable, depends on MFA
- get email OTT – "api/v1/token/mfa/email"get phone number OTT – "api/v1/token/mfa/mobile"disabling" + requestBody: {"destination": ...} + reject if destination MFA is disabled