Versions Compared

Old Version 7

changes.mady.by.user Doroshenko Ivan

Saved on

compared with

New Version 8

changes.mady.by.user Doroshenko Ivan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Change password
    • api/v1/token/password/changing - get OTT (email by default, if there is no email, then phone number)  

      responseBody: {
                                   "destination": "email@gmail.com/+123456789",
                                   "expiration": "30min"
                                 }

  • User key management (TO BE DISCUSSED)
    • get OTT passing required operation: change/remove email/phoneNumber – "api/v1/token/userKeys/" +  requestBody: {"operation": ..., "userKeyType": ...} + responseBody: {"destination": ..., "expiration": UUID}
    • get OTT for new user key – "api/v1/token/newKey" + requestBody: {"destination": ..., "ott": ...} + responseBody: {"destination": ..., "expiration": UUID}
    • add OTT for new user key – "api/v1/token/newKey/adding" + requestBody: {"destination": ...}
    • adding - get OTT to add new email/phone_number

              requestBody: {
                                        "keyType": "EMAIL/PHONE_NUMBER"
                                        "newUserKey": "email@gmail.com/+123456789", 
                                       }

              responseBody: {
                                           "expiration": "30min."
                                          }

    • api/v1/token/userKeys/changing?keyType=EMAIL/PHONE_NUMBER - get OTT to change existing email/phone_number + check if MFA for a chosen key is disabled, if not then firstly user has to disable mfa

      responseBody: {
                                   "expiration": "30min."
                                 }

    • api/v1/token/userKeys/changing/newKey - get OTT for a new email/phone_number to complete the user key changing flow

              requestBody: {
                                        "oneTimeToken": "previous step ott",
                                        "newUserKey": "email@gmail.com/+123456789"
                                       }

    • api/v1/token/userKeys/removing?keyType=EMAIL/PHONE_NUMBER - get OTT to remove user email/phone_number + check if MFA for a chosen key is disabled, if not then firstly user has to disable mfa 

      responseBody: {
                                   "expiration": "30min."
                                 }api/v1/token/userKeys/adding request


  • Anti-phishing code | switchable depends on anti-phishing
    • "api/v1/token/antiPhishing/changing" - get OTT to change anti-phishing code (works only through email)

      responseBody: {
                                   "expiration": "30min."
                                 }

  • Disable MFA | switchable, depends on MFA
    • api/v1/token/mfa/disabling - get email/phone number OTT + reject if destination MFA is disabled

      requestBody: {
                                "destination": "EMAIL/PHONE_NUMBER", 
                               }

      responseBody: {
                                   "expiration": "30min."
                                 }

...