---
swagger: "2.0"
info:
  title: XLG-PAT-P-BneScrChallenge
  description: This microservice will be used for challenge validation/generation of BNE customers, when they need a Second Authentication Factor
  version: 1.0.0
  x-ibm-name: xlg-pat-p-bnescrchallenge
host: 127.0.0.1
schemes:
  - https
basePath: /api
produces:
  - application/json
paths:
  /v1/x-global/bne/security/authenticate/challenge/retrieve:
    post:
      tags:
        - bne-retrieve-challenge
      operationId: bne-retrieve-challenge
      summary: To get a challenge code for authenticating a customer for BNE
      description: This API is used to get a challenge code for authenticating a customer for BNE
      consumes:
        - application/json
      produces:
        - application/json
      parameters:
        - name: client_id
          in: header
          required: true
          type: string
          description: Client ID generated during application registration
        - name: Authorization
          in: header
          required: true
          type: string
          description: The Authorization Token received during login
        - name: Accept
          in: header
          required: true
          type: string
          description: Content-Types that are acceptable for the response
        - name: uuid
          in: header
          required: true
          type: string
          description: 128 bit UUID that you generate for every request
        - name: Accept-Language
          in: header
          required: false
          type: string
          description: List of acceptable human languages for response
        - name: Content-Type
          in: header
          required: true
          type: string
          description: Content-Types that are sent in the request
        - name: countryCode
          in: header
          required: true
          type: string
          description: Country code in 2 character ISO 3166 format
        - name: businessCode
          in: header
          required: true
          type: string
          description: Business code identified during application registration
        - name: ChannelId
          in: header
          required: true
          type: string
          description: Channel where request originated
        - name: sid
          in: header
          required: true
          type: string
          description: Session is generated and returned on the first API call of the key exchange (GET e2e call) as response header, which needs to be resent on successive calls of same session.
        - name: retrieveChallengeRequest
          in: body
          schema:
            $ref: '#/definitions/RetrieveChallengeRequest'
      responses:
        200:
          description: Successful operation.
          schema:
            $ref: '#/definitions/RetrieveChallengeResponse'
        400:
          description: |
            | Type | Code | Details |
            |---|---|---|
            | error | invalidRequest | Missing or invalid Parameters |
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: |
            | Type | Code | Details |
            |---|---|---|
            | error | unAuthorized | Authorization credentials are missing or invalid |
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: |
            | Type | Code | Details | More Info |
            |---|---|---|---|
            | error | accessNotConfigured | The request operation is not configured to access this resource | Channel/Country/Business provided in the request is not supported currently |
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: |
            | Type | Code | Details | More Info |
            |---|---|---|---|
            | error | resourceNotFound | The requested resource was not found | Empty resource/resource not found |
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: |
            | Type | Code | Details |
            |---|---|---|
            | error | businessValidationFailed | Business validation error occurred on one or more parameters |
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: |
            | Type | Code | Details |
            |---|---|---|
            | fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
          schema:
            $ref: '#/definitions/ErrorResponse'
  /v1/x-global/bne/security/authenticate/challenge/validate:
    post:
      tags:
        - bne-validate-challenge
      operationId: bne-validate-challenge
      summary: To authenticate customer by validating the challenge code for BNE
      description: This API is used to authenticate customer by validating the challenge code for BNE
      consumes:
        - application/json
      produces:
        - application/json
      parameters:
        - name: client_id
          in: header
          required: true
          type: string
          description: Client ID generated during application registration
        - name: Authorization
          in: header
          required: true
          type: string
          description: The Authorization Token received during login
        - name: Accept
          in: header
          required: true
          type: string
          description: Content-Types that are acceptable for the response
        - name: uuid
          in: header
          required: true
          type: string
          description: 128 bit UUID that you generate for every request
        - name: Accept-Language
          in: header
          required: false
          type: string
          description: List of acceptable human languages for response
        - name: Content-Type
          in: header
          required: true
          type: string
          description: Content-Types that are sent in the request
        - name: countryCode
          in: header
          required: true
          type: string
          description: Country code in 2 character ISO 3166 format
        - name: businessCode
          in: header
          required: true
          type: string
          description: Business code identified during application registration
        - name: ChannelId
          in: header
          required: true
          type: string
          description: Channel where request originated
        - name: sid
          in: header
          required: true
          type: string
          description: Session is generated and returned on the first API call of the key exchange (GET e2e call) as response header, which needs to be resent on successive calls of same session.
        - name: validateCustomerChallengeRequest
          in: body
          schema:
            $ref: '#/definitions/ValidateCustomerChallengeRequest'
      responses:
        200:
          description: Successful operation.
        400:
          description: |
            | Type | Code | Details |
            |---|---|---|
            | error | invalidRequest | Missing or invalid Parameters |
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: |
            | Type | Code | Details |
            |---|---|---|
            | error | unAuthorized | Authorization credentials are missing or invalid |
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: |
            | Type | Code | Details | More Info |
            |---|---|---|---|
            | error | accessNotConfigured | The request operation is not configured to access this resource | Channel/Country/Business provided in the request is not supported currently |
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: |
            | Type | Code | Details | More Info |
            |---|---|---|---|
            | error | resourceNotFound | The requested resource was not found | Empty resource/resource not found |
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: |
            | Type | Code | Details |
            |---|---|---|
            | error | businessValidationFailed | Business validation error occurred on one or more parameters |
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: |
            | Type | Code | Details |
            |---|---|---|
            | fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
          schema:
            $ref: '#/definitions/ErrorResponse'
definitions:
  RetrieveChallengeRequest:
    properties:
      customerId:
        description: Unique identifier of the customer
        type: string
        example: "123456789012"
      legalRepresentativeId:
        description: Unique identifier for corporate legal Representative
        type: string
        example: "01"
    required:
      - customerId
      - legalRepresentativeId
  RetrieveChallengeResponse:
    properties:
      challengeQuestion:
        description: Challenge code generated by the SPA service at server, which is used by the customer to generate the OTP
        type: string
        example: "123456"
      expiryDuration:
        description: Challenge code expiry time
        type: string
        example: "00:30"
  ValidateCustomerChallengeRequest:
    type: object
    required:
      - oneTimePasswordToken
      - mfaTransactionType
      - mfaTransactionId
    properties:
      oneTimePasswordToken:
        description: Validation code generated by hardware token
        type: string
        example: "123456"
      mfaTransactionType:
        description: Field indicates the transaction type for which the authentication is requested, for Login or Risk Transaction
        type: string
        enum:
          - LOGIN
          - RISK
        default: LOGIN
      mfaTransactionId:
        description: The transaction to apply the challenge
        type: string
        example: "1234567890"
  ErrorResponse:
    properties:
      type:
        type: string
        description: Invalid - Request did not conform to the specification and was unprocessed and rejected. Please fix the value and try again
        enum:
          - error
          - warn
          - invalid
          - fatal
      code:
        description: Error code which qualifies the error
        type: string
      details:
        description: Human readable explanation specific to the occurrence of the problem
        type: string
      location:
        description: The name of the field that resulted in the error
        type: string
      moreInfo:
        description: URI to human readable documentation or detailed description of the error
        type: string
      uuid:
        description: 128 bit UUID that you generate for every request
        type: string
      timestamp:
        description: Timestamp of the error
        type: string
    required:
      - type
      - code
x-ibm-configuration:
  enforced: true
  testable: true
  phase: realized
securityDefinitions:
  OAuth2 Application Flow:
    type: oauth2
    description: ""
    flow: application
    scopes:
      /api/v1: ""
    tokenUrl: https://api.banamex.com/mx-gcgapi/api/v1/oauth/token
  Client ID:
    type: apiKey
    description: ""
    in: header
    name: X-IBM-Client-Id
security:
  - OAuth2 Application Flow:
      - /api/v1
    Client ID: []
x-ibm-endpoints:
  - endpointUrl: https://api.banamex.com/mx-gcgapi
    type:
      - production
      - development
...