production
development
https://api.banamex.com/mx-gcgapi
Paths
/v1/x-global/bne/security/authenticate/challenge/info/validate
post /v1/x-global/bne/security/authenticate/challenge/info/validate
bne-validate-challenge-info
LOB: BNE, feature: login challenge, functionality: validate
This API is used to send the information of the authenticate customer by validating the challenge code for BNE
OAuth2 Application Flow
OAuth2 Application Flow
(oauth2 application)
Token URL
https://api.banamex.com/mx-gcgapi/api/v1/oauth/token
Scopes
/api/v1
Client ID
X-IBM-Client-Id
(apiKey located in header)
client_id
Required in header
string
Client ID generated during application registration
Authorization
Required in header
string
The Authorization Token received during login
Accept
Required in header
string
Content-Types that are acceptable for the response
uuid
Required in header
string
128 bit UUID that you generate for every request
Accept-Language
Optional in header
string
List of acceptable human languages for response
Content-Type
Required in header
string
Content-Types that are sent in the request
countryCode
Required in header
string
Country code in 2 character ISO 3166 format
businessCode
Required in header
string
Business code identified durin application registration
ChannelId
Required in header
string
Channel where request originated
sid
Required in header
string
Session is generated and returned on the first API call of the key exchange (GET e2e call) as response header, which needs to be resent on succesive calls of same session.
validateCustomerChallengeRequest
Optional in body
object
200
Successful operation.
400
| Type | Code | Details |
| error | invalidRequest | Missing or invalid Parameters |
401
| Type | Code | Details |
| error | unAuthorized | Authorization credentials are missing or invalid |
403
| Type | Code | Details | More Info |
| error | accessNotConfigured | The request operation is not configured to access this resource | Channel/Country/Business provided in the request is not supported currently |
404
| Type | Code | Details | More Info |
| error | resourceNotFound | The requested resource was not found | Empty resource/resource not found |
422
| Type | Code | Details |
| error | businessValidationFailed | Business validation error occured on one or more parameters |
500
| Type | Code | Details |
| fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
Example Request
Example Response
POST https://api.banamex.com/mx-gcgapi/api/v1/x-global/bne/security/authenticate/challenge/info/validate
Try this operation
Definitions
{
"type": "object",
"required": [
"oneTimePasswordToken",
"mfaTransactionType",
"mfaTransactionId"
],
"properties": {
"oneTimePasswordToken": {
"description": "Validation code generated by hardware token",
"type": "string",
"example": "123456"
},
"mfaTransactionType": {
"description": "Field indicates the transaction type for which the authentication is requested, for Login or Risk Transaction",
"type": "string",
"enum": [
"LOGIN",
"RISK"
],
"default": "LOGIN"
},
"mfaTransactionId": {
"description": "The transaction to apply the challenge",
"type": "string",
"example": "1234567890"
},
"arcsight": {
"$ref": "#/definitions/Arcsight"
}
}
}
{
"type": "object",
"properties": {
"applicationName": {
"description": "Name of the application or in its absence the simple name of the browser.",
"type": "string",
"example": "bpm"
},
"applicationPlatformName": {
"description": "Platform and version used by the application.",
"type": "string",
"example": "BackBase 5.7.3"
},
"arcsightActionCode": {
"description": "Code for arcsight repository 0 - backup, log file 1 - send, log file 2 - disable arcsight.",
"enum": [
"0",
"1",
"2"
],
"type": "string",
"example": "0"
},
"dataCenterLocation": {
"description": "Data center location",
"type": "string",
"example": "1234"
},
"destinationIpAddress": {
"description": "IP address of the destination API server.",
"type": "string",
"example": "169.193.251.49"
},
"destinationPort": {
"description": "Destination port information used to identify the application/web server service.",
"type": "string",
"example": "443"
},
"hardwareId": {
"description": "Mobile Hardware Id",
"type": "string",
"example": "098H52ST479QE053V2"
},
"hostName": {
"description": "Hostname associated with the Destination IP address.",
"type": "string",
"example": "olb-mxmtu1ap1.nam.nsroot.net"
},
"legalRepresentativeId": {
"description": "Unique identifier for corporate legal Representative.",
"type": "string",
"example": "01"
},
"userAgent": {
"description": "User Agent of the device. Browser Type e.g Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36",
"type": "string",
"example": "Mozilla"
},
"userId": {
"description": "Id to uniquely Identify the user. Value- Customer number.",
"type": "string",
"example": "123456789012",
"maxLength": 12
},
"aliasName": {
"description": "Name or email of the user.",
"type": "string",
"example": "hugo.enrique.wilthewestefan@citi.com",
"maxLength": 150
},
"userIdType": {
"description": "Type of login ID used to authenticate",
"type": "string",
"enum": [
"ALIAS",
"CUSTOMER_NUM"
],
"example": "CUSTOMER_NUM"
},
"deviceTokenCookie": {
"description": "The value of the cookie. Device token cookie is to be passed for all the requests excluding the first request.",
"type": "string",
"example": "123456789"
},
"ipAddress": {
"description": "Ip address of the device.",
"type": "string",
"example": "192.168.0.0"
},
"operationDate": {
"description": "Exact time in which the operation was sent, including the time zone.",
"type": "string",
"format": "date-time",
"example": "May 24 2019 13:12:09 CST"
}
},
"required": [
"applicationName",
"applicationPlatformName",
"arcsightActionCode",
"dataCenterLocation",
"destinationIpAddress",
"destinationPort",
"hardwareId",
"hostName",
"legalRepresentativeId",
"userAgent",
"userId",
"deviceTokenCookie",
"ipAddress",
"operationDate"
]
}
{
"properties": {
"type": {
"type": "string",
"description": "Invalid - Request did not confirm to the specification and was unprocessed and rejected. Please fix the value and try again",
"enum": [
"error",
"warn",
"invalid",
"fatal"
]
},
"code": {
"description": "Error code which qualifies the error",
"type": "string"
},
"details": {
"description": "Human readable explanation specific to the occurrence of the problem",
"type": "string"
},
"location": {
"description": "The name of the field that resulted in the error",
"type": "string"
},
"moreInfo": {
"description": "URI to human readable documentation or detailed description of the error",
"type": "string"
},
"uuid": {
"description": "128 bit UUID that you generate for every request",
"type": "string"
},
"timestamp": {
"description": "Timestamp of the error",
"type": "string"
}
},
"required": [
"type",
"code"
]
}