---
swagger: '2.0'
info:
  title: XLG-PAT-P-BneScrChallenge
  # Service purpose: issue and verify the challenge used as a second
  # authentication factor for BNE customers.
  description: >-
    This microservice will be used for challenge validation/generation
    of BNE customers, when they need a Second Authentication Factor
  version: '1.0.0'
  x-ibm-name: xlg-pat-p-bnescrchallenge
# NOTE(review): loopback value, presumably a placeholder; the reachable
# endpoint is listed under x-ibm-endpoints further down this file.
host: 127.0.0.1
# HTTPS is the only scheme offered, so the contract never advertises a
# plaintext transport for the authentication data these operations carry.
schemes:
  - https
basePath: /api
# Default response media type for every operation.
produces:
  - application/json
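paths:
  # Step 1 of the second-factor flow: the client asks the server for a
  # challenge code, which the customer uses to generate the one-time password.
  /v1/x-global/bne/security/authenticate/challenge/retrieve:
    post:
      tags:
        - bne-retrieve-challenge
      operationId: bne-retrieve-challenge
      summary: To get a challenge code for authenticating a customer for BNE
      description: >-
        This API is used to get a challenge code for authenticating a customer
        for BNE
      consumes:
        - application/json
      produces:
        - application/json
      # NOTE(review): every header below is a bare `string` with no pattern,
      # enum or maxLength, so contract-level validation can only check that a
      # required header is present, not that its value is well formed.
      parameters:
        # NOTE(review): securityDefinitions names the API-key header
        # X-IBM-Client-Id, while this parameter is client_id; confirm which
        # header the gateway actually checks.
        - name: client_id
          in: header
          required: true
          type: string
          description: Client ID generated during application registration
        # NOTE(review): the bearer token is also described by the OAuth2 scheme
        # in securityDefinitions. Listing it as a plain header parameter only
        # documents it; token validation comes from the security requirement.
        - name: Authorization
          in: header
          required: true
          type: string
          description: The Authorization Token received during login
        - name: Accept
          in: header
          required: true
          type: string
          description: Content-Types that are acceptable for the response
        # Per-request correlation id chosen by the caller; it is echoed in
        # ErrorResponse.uuid.
        - name: uuid
          in: header
          required: true
          type: string
          description: 128 bit UUID that you generate for every request
        - name: Accept-Language
          in: header
          required: false
          type: string
          description: List of acceptable human languages for response
        - name: Content-Type
          in: header
          required: true
          type: string
          description: Content-Types that are sent in the request
        - name: countryCode
          in: header
          required: true
          type: string
          description: Country code in 2 character ISO 3166 format
        - name: businessCode
          in: header
          required: true
          type: string
          description: Business code identified during application registration
        - name: ChannelId
          in: header
          required: true
          type: string
          description: Channel where request originated
        # Session identifier from the key exchange. It ties the calls of one
        # session together, so handle it like a credential (no logging).
        - name: sid
          in: header
          required: true
          type: string
          description: >-
            Session is generated and returned on the first API call of the
            key exchange (GET e2e call) as response header, which needs to be
            resent on successive calls of same session.
        # NOTE(review): no `required: true` here, so a request with no body
        # satisfies this contract even though the schema has required fields;
        # confirm the backend rejects an empty body.
        - name: retrieveChallengeRequest
          in: body
          schema:
            $ref: '#/definitions/RetrieveChallengeRequest'
      # Status codes are quoted so every parser reads them as string keys,
      # which is what the Swagger 2.0 responses object defines.
      responses:
        '200':
          description: Successful operation.
          schema:
            $ref: '#/definitions/RetrieveChallengeResponse'
        '400':
          description: >-
            Type | Code | Details |
            error | invalidRequest | Missing
            or invalid Parameters |
          schema:
            $ref: '#/definitions/ErrorResponse'
        '401':
          description: >-
            Type | Code | Details |
            error | unAuthorized | Authorization
            credentials are missing or invalid |
          schema:
            $ref: '#/definitions/ErrorResponse'
        '403':
          description: >-
            Type | Code | Details | More
            Info |
            error | accessNotConfigured | The request
            operation is not configured to access this resource | Channel/Country/Business
            provided in the request is not supported currently |
          schema:
            $ref: '#/definitions/ErrorResponse'
        '404':
          description: >-
            Type | Code | Details | More
            Info |
            error | resourceNotFound | The requested
            resource was not found | Empty resource/resource not found |
          schema:
            $ref: '#/definitions/ErrorResponse'
        '422':
          description: >-
            Type | Code | Details |
            error | businessValidationFailed | Business
            validation error occurred on one or more parameters |
          schema:
            $ref: '#/definitions/ErrorResponse'
        '500':
          description: >-
            Type | Code | Details |
            fatal | serverUnavailable | The
            request failed due to an internal error/server unavailability |
          schema:
            $ref: '#/definitions/ErrorResponse'
  # Step 2 of the second-factor flow: the client submits the one-time password
  # for verification. Takes the same header set as the retrieve operation.
  /v1/x-global/bne/security/authenticate/challenge/validate:
    post:
      tags:
        - bne-validate-challenge
      operationId: bne-validate-challenge
      summary: To authenticate customer by validating the challenge code for BNE
      description: >-
        This API is used to authenticate customer by validating the challenge
        code for BNE
      consumes:
        - application/json
      produces:
        - application/json
      parameters:
        - name: client_id
          in: header
          required: true
          type: string
          description: Client ID generated during application registration
        - name: Authorization
          in: header
          required: true
          type: string
          description: The Authorization Token received during login
        - name: Accept
          in: header
          required: true
          type: string
          description: Content-Types that are acceptable for the response
        - name: uuid
          in: header
          required: true
          type: string
          description: 128 bit UUID that you generate for every request
        - name: Accept-Language
          in: header
          required: false
          type: string
          description: List of acceptable human languages for response
        - name: Content-Type
          in: header
          required: true
          type: string
          description: Content-Types that are sent in the request
        - name: countryCode
          in: header
          required: true
          type: string
          description: Country code in 2 character ISO 3166 format
        - name: businessCode
          in: header
          required: true
          type: string
          description: Business code identified during application registration
        - name: ChannelId
          in: header
          required: true
          type: string
          description: Channel where request originated
        - name: sid
          in: header
          required: true
          type: string
          description: >-
            Session is generated and returned on the first API call of the
            key exchange (GET e2e call) as response header, which needs to be
            resent on successive calls of same session.
        # NOTE(review): body is not marked `required: true`; confirm that a
        # validate call without a body can never be treated as a success.
        - name: validateCustomerChallengeRequest
          in: body
          schema:
            $ref: '#/definitions/ValidateCustomerChallengeRequest'
      # NOTE(review): no response is documented for throttling or lockout
      # after repeated wrong codes (for example a 429); confirm where attempt
      # limiting for the one-time password is enforced.
      responses:
        # Success carries no body: the status code alone is the result.
        '200':
          description: Successful operation.
        '400':
          description: >-
            Type | Code | Details |
            error | invalidRequest | Missing
            or invalid Parameters |
          schema:
            $ref: '#/definitions/ErrorResponse'
        '401':
          description: >-
            Type | Code | Details |
            error | unAuthorized | Authorization
            credentials are missing or invalid |
          schema:
            $ref: '#/definitions/ErrorResponse'
        '403':
          description: >-
            Type | Code | Details | More
            Info |
            error | accessNotConfigured | The request
            operation is not configured to access this resource | Channel/Country/Business
            provided in the request is not supported currently |
          schema:
            $ref: '#/definitions/ErrorResponse'
        '404':
          description: >-
            Type | Code | Details | More
            Info |
            error | resourceNotFound | The requested
            resource was not found | Empty resource/resource not found |
          schema:
            $ref: '#/definitions/ErrorResponse'
        '422':
          description: >-
            Type | Code | Details |
            error | businessValidationFailed | Business
            validation error occurred on one or more parameters |
          schema:
            $ref: '#/definitions/ErrorResponse'
        '500':
          description: >-
            Type | Code | Details |
            fatal | serverUnavailable | The
            request failed due to an internal error/server unavailability |
          schema:
            $ref: '#/definitions/ErrorResponse'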
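definitions:
  # Body of the retrieve-challenge call: names the customer and the legal
  # representative the challenge is issued for.
  # NOTE(review): neither identifier declares a pattern or maxLength, so
  # schema validation accepts any string; confirm the expected format.
  RetrieveChallengeRequest:
    type: object
    properties:
      customerId:
        description: Unique identifier of the customer
        type: string
        example: '123456789012'
      legalRepresentativeId:
        description: Unique identifier for corporate legal Representative
        type: string
        example: '01'
    required:
      - customerId
      - legalRepresentativeId
  # Body of a successful retrieve-challenge response.
  RetrieveChallengeResponse:
    type: object
    properties:
      challengeQuestion:
        description: >-
          Challenge code generated by the SPA service at server, which
          is used by the customer to generate the OTP
        type: string
        example: '123456'
      expiryDuration:
        description: Challenge code expiry time
        type: string
        # Quoted on purpose: YAML 1.1 parsers read a bare 00:30 as a base-60
        # integer (30), which would contradict `type: string`.
        example: '00:30'
  # Body of the validate-challenge call.
  ValidateCustomerChallengeRequest:
    type: object
    required:
      - oneTimePasswordToken
      - mfaTransactionType
      - mfaTransactionId
    properties:
      # NOTE(review): no pattern/minLength/maxLength is declared for the code,
      # so malformed or oversized values reach the backend unfiltered by the
      # schema; confirm the token's real format and constrain it here.
      oneTimePasswordToken:
        description: Validation code generated by hardware token
        type: string
        example: '123456'
      # NOTE(review): this field is listed as required and also has a default.
      # A required field never takes its default, so check that no consumer
      # silently treats a missing value as LOGIN for a RISK transaction.
      mfaTransactionType:
        description: >-
          Field indicates the transaction type for which the authentication
          is requested, for Login or Risk Transaction
        type: string
        enum:
          - LOGIN
          - RISK
        default: LOGIN
      mfaTransactionId:
        description: The transaction to apply the challenge
        type: string
        example: '1234567890'
  # Error envelope shared by every non-2xx response of both operations.
  # The free-text fields (details, moreInfo) are returned to the caller, so
  # they should stay free of internal detail such as stack traces.
  ErrorResponse:
    type: object
    properties:
      type:
        type: string
        description: >-
          Invalid - Request did not conform to the specification and was
          unprocessed and rejected. Please fix the value and try again
        enum:
          - error
          - warn
          - invalid
          - fatal
      code:
        description: Error code which qualifies the error
        type: string
      details:
        description: >-
          Human readable explanation specific to the occurrence of the
          problem
        type: string
      location:
        description: The name of the field that resulted in the error
        type: string
      moreInfo:
        description: >-
          URI to human readable documentation or detailed description of
          the error
        type: string
      # Same correlation id the caller sent in the `uuid` request header.
      uuid:
        description: 128 bit UUID that you generate for every request
        type: string
      timestamp:
        description: Timestamp of the error
        type: string
    required:
      - type
      - code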
# IBM API Connect gateway settings for this API.
x-ibm-configuration:
  # The gateway enforces this definition instead of passing traffic through.
  enforced: true
  # NOTE(review): enables the portal test tool for this API; confirm that is
  # intended, since x-ibm-endpoints lists a production endpoint.
  testable: true
  # Lifecycle phase label of the API.
  phase: realized
# Security schemes that the `security` requirement in this file refers to.
securityDefinitions:
  # OAuth2 "application" flow is the client-credentials grant: the token
  # identifies the calling application, not the end customer.
  # NOTE(review): the contract does not show how the customerId in the request
  # body is bound to an authenticated session; confirm that the backend
  # checks this binding.
  OAuth2 Application Flow:
    type: oauth2
    description: ''
    flow: application
    scopes:
      /api/v1: ''
    tokenUrl: 'https://api.banamex.com/mx-gcgapi/api/v1/oauth/token'
  # API key identifying the registered client application.
  # NOTE(review): the operations declare a `client_id` header parameter, but
  # this scheme names X-IBM-Client-Id; confirm which one is authoritative.
  Client ID:
    type: apiKey
    description: ''
    in: header
    name: X-IBM-Client-Id
# Global requirement applied to every operation. Both schemes sit in the same
# list entry, so a request must satisfy both: an OAuth2 token with the
# /api/v1 scope and the client-id API key.
security:
  - OAuth2 Application Flow:
      - /api/v1
    Client ID: []
# Endpoint on which the API is exposed.
# NOTE(review): a single URL is tagged both production and development;
# confirm that development traffic is really meant to reach this host.
x-ibm-endpoints:
  - endpointUrl: 'https://api.banamex.com/mx-gcgapi'
    type:
      - production
      - development
...