Description
To initiate the account recovery process, use this method with one of the codes provided in the response during the configuration of the initial Multi-Factor Authentication (MFA) channel.
Please note that this method validates the user’s credentials beforehand. Therefore, if the user’s credentials are incorrect, an error response may be received from the login endpoint.
Following the use of this method, utilize the granted access_token to update or delete your MFA channel. This will allow access to your account through the regular flow.
Endpoint URL:
POST https://{your-endpoint-domain.com}/activityid/v1/mfa/consume
Request parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
| Authorization | “Bearer app_token” Literal text Bearer followed by app_token that is the token obtained from /oauth2/token endpoint | string | yes |
| Content-Type | The type of content that will be used for requests to be JSON | string | yes |
| Accept | The type of content that will be used for responses to be JSON | string | yes |
| From | Name of the entry point | string | yes |
| Accept-Language | Language for this request | Locale | no |
Query string parameters
Request Example
| Parameter | Description | Type | Required | Value |
|---|---|---|---|---|
| actor.id | app_id of the application you are using to log user | string | yes | app id |
| actor.objectType | Type of the object which represents the actor. | string | yes | ‘person’ |
| verb | Verb used for recovering the account | string | yes | ‘consume’ |
| object.objectType | ObjectType represents the user | string | yes | ‘user’ |
| object.password | Password of the user. it must be send plain | string | yes | user password |
| object.ids.email | Structure of email identifier. node name must be “email” | struct | yes | |
| object.ids .email.objectType | ObjectType represents the id of the user | string | yes | ‘user_id’ |
| object.ids.email.value | Email value | string | yes | email value |
| source.id | Type of device doing the activity | string | yes | ‘unknown’ | ‘pc’ | ‘mobile’ | ‘tablet’ | ‘game_console’ | ‘itv’ |
| source.objectType | Type of source | string | yes | ‘device’ |
| context.mfa_channel | Name of the MFA channel | string | yes | ‘sms’ |
Response examples
Response: MFA Account Recovered
| result | Common http result | struct |
| result.status | Http code | integer |
| result.message | A description that describes the result of the operation | string |
Response codes
| Code | Type | Description |
|---|---|---|
| 400 | Error | Bad Request: The request could not be understood by the server due to malformed syntax |
| 401 | Error | Unauthorized: authentication is required and has failed or has not yet been provided (token is invalid, etc) |
| 417 | Error | MFA Error: There is a problem with MFA, you will receive a detailed error description |
| 500 | Error | Internal Server Error: The server encountered an unexpected condition which prevented it from fulfilling the request |
| 504 | Error | Gateway TimeoutService can not contact with oauth server to do some internal operations |
| 200 | Success | Account Recovered successfully |