Paths
/v1/x-global/security/challenge/retrieve
API called when the user requires a challenge
The client ID you received during application registration in the developer portal
Bearer token acquired from API Gateway OAUTH service.
Content-Types that are acceptable for the response
Random 128-bit UUID, generated uniquely for every request from the customer, that serves as the unique transaction identifier. Sending it is recommended.
Language to be sent to the backend systems. The supported values are 'es' for Spanish and 'en' for English.
{
"default": "es"
}
Content-Types that are sent in the request
{
"default": "application\/json"
}
2 character ISO country code
{
"default": "MX"
}
3 character business code
{
"default": "GCB"
}
Channel ID used by the user. It is required for the first call in a new session.
The session is generated and returned as a response header on the first API call, and it must be resent on successive calls in the same session.
Authentication Successful
Type | Code | Details |
invalid | invalidRequest | Missing or invalid Parameters |
Type | Code | Details |
error | unAuthorized | Authorization credentials are missing or invalid. |
Type | Code | Details |
error | accessNotConfigured | The request operation is not configured to access this resource. |
Type | Code | Details |
invalid | Application not found | The element searching was not found |
Type | Code | Details |
error | businessValidationFailed | Business validation error occured on one or more parameter |
Type | Code | Details |
fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
/v1/x-global/security/challenge/validate
API to validate a challenge
This API is called when the channel needs to validate a challenge.
The client ID you received during application registration in the developer portal
Bearer token acquired from API Gateway OAUTH service.
Content-Types that are acceptable for the response
Random 128-bit UUID, generated uniquely for every request from the customer, that serves as the unique transaction identifier. Sending it is recommended.
Language to be sent to the backend systems. The supported values are 'es' for Spanish and 'en' for English.
{
"default": "es"
}
Content-Types that are sent in the request
{
"default": "application\/json"
}
2 character ISO country code
{
"default": "MX"
}
3 character business code
{
"default": "GCB"
}
Channel ID used by the user. It is required for the first call in a new session.
The session is generated and returned as a response header on the first API call, and it must be resent on successive calls in the same session.
Request body to authenticate a Citibanamex retail banking customer.
Authentication Successful
Type | Code | Details |
invalid | invalidRequest | Missing or invalid Parameters |
error | cannotDecryptData | Cannot decrypt, please validate the encrypted value |
Type | Code | Details |
error | unAuthorized | Authorization credentials are missing or invalid. |
invalid | authenticationFailed | 206-federated password authentication fails |
Type | Code | Details |
error | accessNotConfigured | The request operation is not configured to access this resource. |
Type | Code | Details |
invalid | Application not found | The element searching was not found |
Type | Code | Details |
error | businessValidationFailed | Business validation error occured on one or more parameter |
Type | Code | Details |
fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
fatal | backendError | Failed during a call to backend service |
Definitions
Success body response after requesting a Challenge
{
"type": "object",
"properties": {
"challengeQuestion": {
"type": "string",
"example": "87295410",
"description": "Challenge received success given by the SPA service."
}
},
"required": [
"challengeQuestion"
]
}
Request parameters required to authenticate the client successfully through challenge validation
{
"type": "object",
"properties": {
"challengeQuestion": {
"type": "string",
"example": "87295410",
"description": "Challenge previously received (must be same as the given from get challenge service), composed by 8 digit numbers."
},
"oneTimePasswordToken": {
"type": "string",
"example": "17364892",
"description": "Challenge token generated by the hardToken or softToken assigned to the client."
}
},
"required": [
"challengeQuestion",
"oneTimePasswordToken"
]
}
Success body response after requesting a Challenge
{
"type": "object",
"properties": {
"responseMessage": {
"type": "string",
"example": "SEG: BIENVENIDO A LA RED BANAMEX.",
"description": "Message produced after a success Challenge generation"
}
}
}
{
"required": [
"code",
"details",
"type"
],
"properties": {
"type": {
"type": "string",
"description": "Invalid - Request did not conform to the specification and was unprocessed and rejected. Please fix the value and try again",
"enum": [
"error",
"warn",
"invalid",
"fatal"
]
},
"code": {
"type": "string",
"description": "Error code which qualifies the error"
},
"details": {
"type": "string",
"description": "Human readable explanation specific to the occurrence of the problem"
},
"location": {
"type": "string",
"description": "The name of the field that resulted in the error"
},
"moreInfo": {
"type": "string",
"description": "URI to human readable documentation of the error"
}
}
}
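An added example, not part of the original API documentation: a client-side check in Python of the challenge/validate request body and of the error body, using only the field names and the `type` enum from the schemas above. The function names are hypothetical, and transport and headers are left out because the page does not give header names.

```python
import json
import re

# Values taken from the schemas on this page.
ERROR_TYPES = {"error", "warn", "invalid", "fatal"}
REQUIRED_ERROR_FIELDS = ("type", "code", "details")
OPTIONAL_ERROR_FIELDS = ("location", "moreInfo")

# ASCII digits only: \d would also accept non-ASCII Unicode digits.
EIGHT_DIGITS = re.compile(r"[0-9]{8}")


def build_validate_body(challenge_question, otp_token):
    """Return the JSON body for challenge/validate (hypothetical helper).

    Both fields are strings in the schema. Passing the challenge as an
    integer would drop leading zeros, so non-string input is rejected.
    """
    if not isinstance(challenge_question, str) or not EIGHT_DIGITS.fullmatch(challenge_question):
        raise ValueError("challengeQuestion must be the 8-digit string from challenge/retrieve")
    if not isinstance(otp_token, str) or not otp_token:
        raise ValueError("oneTimePasswordToken is required and must be a string")
    return json.dumps({
        "challengeQuestion": challenge_question,
        "oneTimePasswordToken": otp_token,
    })


def parse_error(raw):
    """Parse an error body and fail closed if it does not match the error schema."""
    try:
        body = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ValueError("error body is not valid JSON") from exc
    if not isinstance(body, dict):
        raise ValueError("error body must be a JSON object")
    for field in REQUIRED_ERROR_FIELDS:
        if not isinstance(body.get(field), str):
            raise ValueError(f"error body lacks required string field {field!r}")
    if body["type"] not in ERROR_TYPES:
        raise ValueError(f"unknown error type {body['type']!r}")
    # Keep only the fields the schema defines, so unexpected data is not passed on.
    keep = REQUIRED_ERROR_FIELDS + OPTIONAL_ERROR_FIELDS
    return {k: body[k] for k in keep if k in body}
```

The one-time password is never written to logs or error messages here; only the shape of the input is reported.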