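---
# Swagger 2.0 contract for the BNE second-factor challenge service.
# Nesting is restored here: title, description, version and x-ibm-name are
# children of `info`, and each list item sits under its own key.
swagger: "2.0"
info:
  title: xlg-pat-v-bne-screen-challenge
  description: >-
    This microservice will be used for challenge validation/generation
    of BNE customers, when they need a Second Authentication Factor
  # Quoted so the version always loads as a string.
  version: "1.0.0"
  x-ibm-name: xlg-pat-v-bne-screen-challenge
# NOTE(review): loopback placeholder. The reachable gateway URL is the one
# declared under x-ibm-endpoints; generic Swagger tooling that reads only
# `host` would target 127.0.0.1 -- confirm this is intended.
host: 127.0.0.1
schemes:
  # HTTPS is the only scheme offered; the operations carry bearer tokens,
  # a session id and one-time codes.
  - https
basePath: /api
produces:
  - application/json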
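paths:
  /v1/x-global/bne/security/authenticate/challenge/info/validate:
    # Validates the one-time code submitted for a second-factor challenge.
    # NOTE(review): no 429 / lockout response is documented below. Confirm
    # that failed validations are throttled (per mfaTransactionId and per
    # user) by the gateway or the backend.
    post:
      tags:
        - bne-validate-challenge-info
      operationId: bne-validate-challenge-info
      summary: 'LOB: BNE, feature: login challenge, functionality: validate'
      description: >-
        This API is used to send the information of the authenticate customer
        by validating the challenge code for BNE
      consumes:
        - application/json
      produces:
        - application/json
      parameters:
        # NOTE(review): securityDefinitions names the client-id API key
        # header X-IBM-Client-Id, while this operation requires a header
        # called client_id. Confirm which name the gateway enforces.
        - name: client_id
          in: header
          required: true
          type: string
          description: Client ID generated during application registration
        # Bearer credential. It is also covered by the oauth2 entry in
        # `security`; keep it out of access logs and error payloads.
        - name: Authorization
          in: header
          required: true
          type: string
          description: The Authorization Token received during login
        - name: Accept
          in: header
          required: true
          type: string
          description: Content-Types that are acceptable for the response
        # Caller-generated correlation id; presumably for tracing only, so
        # it should not be relied on for authorization -- verify.
        - name: uuid
          in: header
          required: true
          type: string
          description: 128 bit UUID that you generate for every request
        - name: Accept-Language
          in: header
          required: false
          type: string
          description: List of acceptable human languages for response
        - name: Content-Type
          in: header
          required: true
          type: string
          description: Content-Types that are sent in the request
        - name: countryCode
          in: header
          required: true
          type: string
          description: Country code in 2 character ISO 3166 format
        - name: businessCode
          in: header
          required: true
          type: string
          description: Business code identified durin application registration
        - name: ChannelId
          in: header
          required: true
          type: string
          description: Channel where request originated
        # Session identifier resent by the client on each call. Handle it as
        # a secret; presumably the server binds it to the authenticated
        # principal -- confirm.
        - name: sid
          in: header
          required: true
          type: string
          description: >-
            Session is generated and returned on the first API call of the
            key exchange (GET e2e call) as response header, which needs to be resent
            on succesive calls of same session.
        # The body is marked required so that a request without one fails
        # contract validation instead of skipping the schema's required
        # fields (oneTimePasswordToken, mfaTransactionType, mfaTransactionId).
        - name: validateCustomerChallengeRequest
          in: body
          required: true
          schema:
            $ref: '#/definitions/BneValidateChallengeInfoRequest'
      # Status codes are quoted: Swagger 2.0 response keys are strings, and a
      # bare 200 loads as an integer key in YAML.
      responses:
        "200":
          description: Successful operation.
        "400":
          description: >-
            Type | Code | Details |
            error | invalidRequest | Missing
            or invalid Parameters |
          schema:
            $ref: '#/definitions/ErrorResponse'
        "401":
          description: >-
            Type | Code | Details |
            error | unAuthorized | Authorization
            credentials are missing or invalid |
          schema:
            $ref: '#/definitions/ErrorResponse'
        "403":
          description: >-
            Type | Code | Details | More
            Info |
            error | accessNotConfigured | The request
            operation is not configured to access this resource | Channel/Country/Business
            provided in the request is not supported currently |
          schema:
            $ref: '#/definitions/ErrorResponse'
        "404":
          description: >-
            Type | Code | Details | More
            Info |
            error | resourceNotFound | The requested
            resource was not found | Empty resource/resource not found |
          schema:
            $ref: '#/definitions/ErrorResponse'
        "422":
          description: >-
            Type | Code | Details |
            error | businessValidationFailed | Business
            validation error occured on one or more parameters |
          schema:
            $ref: '#/definitions/ErrorResponse'
        "500":
          description: >-
            Type | Code | Details |
            fatal | serverUnavailable | The
            request failed due to an internal error/server unavailability |
          schema:
            $ref: '#/definitions/ErrorResponse'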
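definitions:
  # Request body of the challenge validation call.
  BneValidateChallengeInfoRequest:
    type: object
    required:
      - oneTimePasswordToken
      - mfaTransactionType
      - mfaTransactionId
    properties:
      # NOTE(review): no pattern or maxLength is declared, so the gateway
      # cannot reject malformed codes before they reach the backend. Confirm
      # the token format with the token vendor and constrain it here.
      oneTimePasswordToken:
        description: Validation code generated by hardware token
        type: string
        example: "123456"
      mfaTransactionType:
        description: >-
          Field indicates the transaction type for which the authentication
          is requested, for Login or Risk Transaction
        type: string
        enum:
          - LOGIN
          - RISK
        default: LOGIN
      # NOTE(review): unbounded string. Presumably the backend checks that
      # this transaction belongs to the calling session -- verify.
      mfaTransactionId:
        description: The transaction to apply the challenge
        type: string
        example: "1234567890"
      # Optional: `arcsight` is not in the required list above.
      arcsight:
        $ref: '#/definitions/Arcsight'
  # Audit/SIEM context supplied by the caller in the request body.
  # NOTE(review): every value here is client-controlled. Fields such as
  # ipAddress, userAgent, hostName and destinationIpAddress should be
  # cross-checked against what the gateway observes before they are written
  # to the audit trail, and encoded so they cannot break the log format.
  # Only userId and aliasName declare a maxLength.
  # NOTE(review): several examples (aliasName, hostName,
  # destinationIpAddress) look like real internal values; confirm, and
  # prefer reserved documentation names and address ranges.
  Arcsight:
    type: object
    properties:
      applicationName:
        description: >-
          Name of the application or in its absence the simple name of
          the browser.
        type: string
        example: bpm
      applicationPlatformName:
        description: Platform and version used by the application.
        type: string
        example: BackBase 5.7.3
      # NOTE(review): per the description, value "2" disables arcsight. A
      # caller-supplied switch that turns off audit logging of an
      # authentication event deserves scrutiny -- confirm the server
      # ignores or restricts it for untrusted channels.
      arcsightActionCode:
        description: >-
          Code for arcsight repository 0 - backup, log file 1 - send, log
          file 2 - disable arcsight.
        enum:
          - "0"
          - "1"
          - "2"
        type: string
        example: "0"
      dataCenterLocation:
        description: Data center location
        type: string
        example: "1234"
      destinationIpAddress:
        description: IP address of the destination API server.
        type: string
        example: '169.193.251.49'
      destinationPort:
        description: >-
          Destination port information used to identify the application/web
          server service.
        type: string
        example: "443"
      hardwareId:
        description: Mobile Hardware Id
        type: string
        example: 098H52ST479QE053V2
      hostName:
        description: Hostname associated with the Destination IP address.
        type: string
        example: olb-mxmtu1ap1.nam.nsroot.net
      legalRepresentativeId:
        description: Unique identifier for corporate legal Representative.
        type: string
        example: "01"
      userAgent:
        description: >-
          User Agent of the device. Browser Type e.g Mozilla/5.0 (Windows
          NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106
          Safari/537.36
        type: string
        example: Mozilla
      userId:
        description: Id to uniquely Identify the user. Value- Customer number.
        type: string
        example: "123456789012"
        maxLength: 12
      aliasName:
        description: Name or email of the user.
        type: string
        example: hugo.enrique.wilthewestefan@citi.com
        maxLength: 150
      userIdType:
        description: Type of login ID used to authenticate
        type: string
        enum:
          - ALIAS
          - CUSTOMER_NUM
        example: CUSTOMER_NUM
      # Cookie value carried in the body; presumably credential-like, so it
      # should be masked wherever this object is logged -- verify.
      deviceTokenCookie:
        description: >-
          The value of the cookie. Device token cookie is to be passed
          for all the requests excluding the first request.
        type: string
        example: "123456789"
      ipAddress:
        description: Ip address of the device.
        type: string
        example: '192.168.0.0'
      # NOTE(review): `format: date-time` means RFC 3339, but the example is
      # not in that form. Confirm which format the backend parses and align
      # the two.
      operationDate:
        description: >-
          Exact time in which the operation was sent, including the time
          zone.
        type: string
        format: date-time
        example: 'May 24 2019 13:12:09 CST'
    required:
      - applicationName
      - applicationPlatformName
      - arcsightActionCode
      - dataCenterLocation
      - destinationIpAddress
      - destinationPort
      - hardwareId
      - hostName
      - legalRepresentativeId
      - userAgent
      - userId
      - deviceTokenCookie
      - ipAddress
      - operationDate
  # Error envelope returned with every non-200 response of the operation.
  # `details` and `moreInfo` are free text: keep stack traces, internal
  # hostnames and token-validation specifics out of them.
  ErrorResponse:
    # Declared explicitly for consistency with the other definitions.
    type: object
    properties:
      type:
        type: string
        description: >-
          Invalid - Request did not confirm to the specification and was
          unprocessed and rejected. Please fix the value and try again
        enum:
          - error
          - warn
          - invalid
          - fatal
      code:
        description: Error code which qualifies the error
        type: string
      details:
        description: >-
          Human readable explanation specific to the occurrence of the
          problem
        type: string
      location:
        description: The name of the field that resulted in the error
        type: string
      moreInfo:
        description: >-
          URI to human readable documentation or detailed description of
          the error
        type: string
      uuid:
        description: 128 bit UUID that you generate for every request
        type: string
      timestamp:
        description: Timestamp of the error
        type: string
    required:
      - type
      - code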
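# IBM API Connect gateway settings for this API.
x-ibm-configuration:
  # The gateway enforces this API definition.
  enforced: true
  # NOTE(review): `testable` exposes the API to the portal test tool. The
  # only endpoint listed under x-ibm-endpoints is also tagged production --
  # confirm test calls cannot reach the live second-factor service.
  testable: true
  phase: realized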
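securityDefinitions:
  # OAuth2 `application` flow, i.e. client credentials.
  # NOTE(review): a token from this flow identifies the calling application,
  # yet the operation describes Authorization as "The Authorization Token
  # received during login". Confirm how the end customer is bound to the
  # request (sid header, or a different grant).
  OAuth2 Application Flow:
    type: oauth2
    description: ""
    flow: application
    scopes:
      # Single scope named after the API version prefix; it looks coarse
      # rather than per-operation -- confirm what else it grants.
      /api/v1: ""
    tokenUrl: https://api.banamex.com/mx-gcgapi/api/v1/oauth/token
  # API key identifying the registered application. It is an identifier,
  # not a secret, so it must not be the only control.
  Client ID:
    type: apiKey
    description: ""
    in: header
    name: X-IBM-Client-Id
# One requirement object holding both schemes: a call must present the
# OAuth2 token AND the client id. Two separate list items would mean either
# one suffices.
security:
  - OAuth2 Application Flow:
      - /api/v1
    Client ID: []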
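x-ibm-endpoints:
  # NOTE(review): the same URL is tagged both production and development.
  # Confirm a separate non-production endpoint exists, so development
  # traffic and test credentials never reach the production gateway.
  - endpointUrl: https://api.banamex.com/mx-gcgapi
    type:
      - production
      - development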
...