Authentication API
Version: v1.0
Specification Release Notes Other versions
Two-factor authentication (2FA) is an additional security layer for your business applications. Traditional username/password approach is vulnerable, especially in today's environment where everything is online. 2FA aims to increase the security level of a standard password-only approach.
Base URLs
2FA Application Service
Users can create multiple 2FA applications and configurations through the 2FA API. tyntec stores these configurations so that users can select between own 2FA applications and the corresponding linked configuration. Those configurations will be used when delivering One-Time Passwords (OTP). For each user, there is the default 2FA application which contains default values and the English language template. This default application will be used in the case no 2FA application ID is specified in an OTP delivery request. The default 2FA application is configurable and users can set own default parameters or a 2FA application.
List all applications
Code samples
# You can also use wget
curl -X GET https://api.tyntec.com/2fa/v1/application \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
GET https://api.tyntec.com/2fa/v1/application HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/application',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.get 'https://api.tyntec.com/2fa/v1/application',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.get('https://api.tyntec.com/2fa/v1/application', params={
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('GET','https://api.tyntec.com/2fa/v1/application', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/application");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.tyntec.com/2fa/v1/application", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
GET /2fa/v1/application
Returns a list of all applications that were created under your account.
Example responses
200 Response
[
{
"alphanumeric": false,
"attempts": 3,
"expire": 300,
"name": "string",
"pinLength": 4,
"sender": "VERIFY",
"caller": "VERIFY"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | The list of applications | Inline |
| 204 | No Content | Empty list. No applications were found for your account. | Inline |
| 401 | Unauthorized | Unauthorized | None |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | Not Found | None |
| 500 | Internal Server Error | Something went wrong. :-( | ErrorResponse |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | [TwoFactorAuthApplicationEntity] | false | none | [Two-Factor Authentication Application structure] |
| » alphanumeric | boolean | false | none | Whether the OTP is alphanumeric or not |
| » attempts | integer(int32) | false | none | How many attempts the user can have for this OTP |
| » expire | integer(int64) | false | none | After how many seconds the OTP expires |
| » name | string | false | none | Custom application name |
| » pinLength | integer(int32) | false | none | The length of the auto-generated PIN length. PIN length can be between 4-11 digits. |
| » sender | string | false | none | The sender used for SMS delivery |
| » caller | string | false | none | The caller used for TTS delivery. Using a valid number will improve filtering issues caused by anonymous calls. |
Status Code 204
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | [TwoFactorAuthApplicationEntity] | false | none | [Two-Factor Authentication Application structure] |
| » alphanumeric | boolean | false | none | Whether the OTP is alphanumeric or not |
| » attempts | integer(int32) | false | none | How many attempts the user can have for this OTP |
| » expire | integer(int64) | false | none | After how many seconds the OTP expires |
| » name | string | false | none | Custom application name |
| » pinLength | integer(int32) | false | none | The length of the auto-generated PIN length. PIN length can be between 4-11 digits. |
| » sender | string | false | none | The sender used for SMS delivery |
| » caller | string | false | none | The caller used for TTS delivery. Using a valid number will improve filtering issues caused by anonymous calls. |
Create a 2FA application
Code samples
# You can also use wget
curl -X POST https://api.tyntec.com/2fa/v1/application \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
POST https://api.tyntec.com/2fa/v1/application HTTP/1.1
Host: api.tyntec.com
Content-Type: application/json
Accept: application/json
apiKey: API_KEY
const inputBody = '{
"alphanumeric": false,
"attempts": 3,
"expire": 300,
"name": "string",
"pinLength": 4,
"sender": "VERIFY",
"caller": "VERIFY"
}';
const headers = {
'Content-Type':'application/json',
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/application',
{
method: 'POST',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/json',
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.post 'https://api.tyntec.com/2fa/v1/application',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.post('https://api.tyntec.com/2fa/v1/application', params={
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Content-Type' => 'application/json',
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('POST','https://api.tyntec.com/2fa/v1/application', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/application");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.tyntec.com/2fa/v1/application", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
POST /2fa/v1/application
Creates a 2FA application instance. You can either:
- use the target URI with a POST HTTP request or
- include the application parameters in your request body.
Values that are not defined will be populated with default values.
Body parameter
{
"alphanumeric": false,
"attempts": 3,
"expire": 300,
"name": "string",
"pinLength": 4,
"sender": "VERIFY",
"caller": "VERIFY"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | TwoFactorAuthApplicationEntity | false | The application to be created |
Example responses
200 Response
{
"alphanumeric": false,
"attempts": 3,
"expire": 300,
"name": "string",
"pinLength": 4,
"sender": "VERIFY",
"caller": "VERIFY"
}
Not valid configuration provided
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | The new application was created. | TwoFactorAuthApplicationEntity |
| 400 | Bad Request | Not valid configuration provided | ErrorResponse |
| 401 | Unauthorized | Unauthorized | None |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | Not Found | None |
| 500 | Internal Server Error | Something went wrong. :-( | ErrorResponse |
Read a 2FA application
Code samples
# You can also use wget
curl -X GET https://api.tyntec.com/2fa/v1/application/{applicationId} \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
GET https://api.tyntec.com/2fa/v1/application/{applicationId} HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/application/{applicationId}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.get 'https://api.tyntec.com/2fa/v1/application/{applicationId}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.get('https://api.tyntec.com/2fa/v1/application/{applicationId}', params={
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('GET','https://api.tyntec.com/2fa/v1/application/{applicationId}', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/application/{applicationId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.tyntec.com/2fa/v1/application/{applicationId}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
GET /2fa/v1/application/{applicationId}
Returns a 2FA application. You can get a specific application by using the GET HTTP method and the application’s Universally Unique ID (UUID).
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| applicationId | path | string | true | Application ID to be returned |
Example responses
200 Response
{
"alphanumeric": false,
"attempts": 3,
"expire": 300,
"name": "string",
"pinLength": 4,
"sender": "VERIFY",
"caller": "VERIFY"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | The application is included in the response. | TwoFactorAuthApplicationEntity |
| 401 | Unauthorized | Unauthorized | None |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | The ID is not valid for this application. | None |
| 500 | Internal Server Error | Something went wrong. :-( | ErrorResponse |
Edit a 2FA application
Code samples
# You can also use wget
curl -X POST https://api.tyntec.com/2fa/v1/application/{applicationId} \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
POST https://api.tyntec.com/2fa/v1/application/{applicationId} HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/application/{applicationId}',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.post 'https://api.tyntec.com/2fa/v1/application/{applicationId}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.post('https://api.tyntec.com/2fa/v1/application/{applicationId}', params={
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('POST','https://api.tyntec.com/2fa/v1/application/{applicationId}', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/application/{applicationId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.tyntec.com/2fa/v1/application/{applicationId}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
POST /2fa/v1/application/{applicationId}
Define the parameters that you would like to change in a 2FA application.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| applicationId | path | string | true | This parameter is a part of the URI following the pattern. ${baseURL}/application/{applicationId}. You can specify "default" to reference the default application. |
| name | query | string | false | This parameter represents the custom name for this application. “default” is not allowed, since it is reserved as it maps to the default application for this user. |
| pinLength | query | integer(int32) | false | The length of the auto-generated PIN length. PIN length can be between 4-11 digits. |
| alphaNumeric | query | boolean | false | By default, this parameter is FALSE and the PIN is generated in numeric values. In the case this parameter is TRUE, then the auto-generated PIN will be a lowercase alphanumeric PIN. |
| attempts | query | integer(int32) | false | This parameter controls how many attempts the user is allowed to have in order to validate a delivered OTP. |
| expire | query | integer(int64) | false | This parameter controls the expiration time in seconds after the first OTP delivery request. |
| sender | query | string | false | This parameter controls the sender name upon SMS delivery. |
| caller | query | string | false | This parameter is used to define a number as caller for voice calls. Adding this will improve the call success ratio, as some operators filter anonymous calls. |
| deleteCaller | query | boolean | false | This parameter is used to delete an already defined caller for voice calls. |
Example responses
200 Response
{
"alphanumeric": false,
"attempts": 3,
"expire": 300,
"name": "string",
"pinLength": 4,
"sender": "VERIFY",
"caller": "VERIFY"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | The application is included in the response. | TwoFactorAuthApplicationEntity |
| 201 | Created | Created | None |
| 400 | Bad Request | Valid configuration was not provided. | ErrorResponse |
| 401 | Unauthorized | Unauthorized | None |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | The ID is not valid for this application. | ErrorResponse |
| 500 | Internal Server Error | Something went wrong. :-( | None |
Delete a 2FA application
Code samples
# You can also use wget
curl -X DELETE https://api.tyntec.com/2fa/v1/application/{applicationId} \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
DELETE https://api.tyntec.com/2fa/v1/application/{applicationId} HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/application/{applicationId}',
{
method: 'DELETE',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.delete 'https://api.tyntec.com/2fa/v1/application/{applicationId}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.delete('https://api.tyntec.com/2fa/v1/application/{applicationId}', params={
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('DELETE','https://api.tyntec.com/2fa/v1/application/{applicationId}', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/application/{applicationId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("DELETE");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("DELETE", "https://api.tyntec.com/2fa/v1/application/{applicationId}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
DELETE /2fa/v1/application/{applicationId}
You can delete your application if needed by using the DELETE HTTP method. Existing OTPs will still be valid but resend or verification of an OTP will not be possible.
Note: You cannot delete the “default” application.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| applicationId | path | string | true | ID of the application to be deleted |
Example responses
200 Response
{
"alphanumeric": false,
"attempts": 3,
"expire": 300,
"name": "string",
"pinLength": 4,
"sender": "VERIFY",
"caller": "VERIFY"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | The application was deleted. | TwoFactorAuthApplicationEntity |
| 204 | No Content | No Content | None |
| 401 | Unauthorized | Unauthorized | None |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | The ID is not valid for this application. | ErrorResponse |
| 500 | Internal Server Error | Something went wrong. :-( | None |
Add/Update a language template
Code samples
# You can also use wget
curl -X POST https://api.tyntec.com/2fa/v1/application/{applicationId}/language?language=string&text=string \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
POST https://api.tyntec.com/2fa/v1/application/{applicationId}/language?language=string&text=string HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/application/{applicationId}/language?language=string&text=string',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.post 'https://api.tyntec.com/2fa/v1/application/{applicationId}/language',
params: {
'language' => 'string',
'text' => 'string'
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.post('https://api.tyntec.com/2fa/v1/application/{applicationId}/language', params={
'language': 'string', 'text': 'string'
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('POST','https://api.tyntec.com/2fa/v1/application/{applicationId}/language', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/application/{applicationId}/language?language=string&text=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.tyntec.com/2fa/v1/application/{applicationId}/language", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
POST /2fa/v1/application/{applicationId}/language
You can add or edit a language template by referring to the application UUID resource and the language you want to add or edit. If you specify also the channel optional parameter, the specific template for this delivery channel will be created.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| applicationId | path | string | true | The applicationId of the application you would like to edit. This parameter is part of the URI following the pattern ${baseURL}/application/{applicationId}. You can specify "default" to reference the default application. |
| language | query | string | true | The language locale should be in the ISO 639-1 format. |
| text | query | string | true | The text template for the specific language. Placeholder {{OTP}} must exist at least once. {{SEC}} is an optional placeholder that will replace the “expire” parameter for this application. |
| channel | query | string | false | This optional parameter is set in the case you want to have different template for the same language, depending on the delivery channel, SMS or VOICE. |
Example responses
200 Response
{
"alphanumeric": false,
"attempts": 3,
"expire": 300,
"name": "string",
"pinLength": 4,
"sender": "VERIFY",
"caller": "VERIFY"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | The application language template was saved. | TwoFactorAuthApplicationEntity |
| 201 | Created | Created | None |
| 400 | Bad Request | Wrong arguments were provided. | ErrorResponse |
| 401 | Unauthorized | Unauthorized | None |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | The ID for this application is not valid. | ErrorResponse |
| 500 | Internal Server Error | Something went wrong. :-( | ErrorResponse |
Delete a language template
Code samples
# You can also use wget
curl -X DELETE https://api.tyntec.com/2fa/v1/application/{applicationId}/language?language=string \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
DELETE https://api.tyntec.com/2fa/v1/application/{applicationId}/language?language=string HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/application/{applicationId}/language?language=string',
{
method: 'DELETE',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.delete 'https://api.tyntec.com/2fa/v1/application/{applicationId}/language',
params: {
'language' => 'string'
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.delete('https://api.tyntec.com/2fa/v1/application/{applicationId}/language', params={
'language': 'string'
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('DELETE','https://api.tyntec.com/2fa/v1/application/{applicationId}/language', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/application/{applicationId}/language?language=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("DELETE");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("DELETE", "https://api.tyntec.com/2fa/v1/application/{applicationId}/language", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
DELETE /2fa/v1/application/{applicationId}/language
You can delete a language template by referring to the application UUID resource and the language you want to delete. If you specify also the channel optional parameter, the specific template for this delivery channel will be deleted.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| applicationId | path | string | true | This parameter is the applicationId of the application you would like to edit and it is a part of the URI following the pattern ${baseURL}/application/{applicationId}. You can specify "default" to reference the default application. |
| language | query | string | true | The language locale should be in ISO 639-1 format |
| channel | query | string | false | This optional parameter is set in the case you want to have different template for the same language, depending on the delivery channel, SMS or VOICE. |
Example responses
200 Response
{
"alphanumeric": false,
"attempts": 3,
"expire": 300,
"name": "string",
"pinLength": 4,
"sender": "VERIFY",
"caller": "VERIFY"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | The language template was deleted. | TwoFactorAuthApplicationEntity |
| 204 | No Content | No Content | None |
| 400 | Bad Request | Wrong arguments were provided. | ErrorResponse |
| 401 | Unauthorized | Unauthorized | None |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | The ID is not valid for this application, or the language does not exist. | None |
| 500 | Internal Server Error | Something went wrong. :-( | None |
2FA OTP Service
The OTP service is used for delivering and checking One Time Password (OTP) codes to destination numbers.
List OTPs
Code samples
# You can also use wget
curl -X GET https://api.tyntec.com/2fa/v1/otp?number=string \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
GET https://api.tyntec.com/2fa/v1/otp?number=string HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/otp?number=string',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.get 'https://api.tyntec.com/2fa/v1/otp',
params: {
'number' => 'string'
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.get('https://api.tyntec.com/2fa/v1/otp', params={
'number': 'string'
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('GET','https://api.tyntec.com/2fa/v1/otp', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/otp?number=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.tyntec.com/2fa/v1/otp", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
GET /2fa/v1/otp
You can query the event's endpoint of an OTP delivery instance to get a list of events reported for this delivery.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| number | query | string | true | The destination telephone number in the E.164 format |
Example responses
200 Response
[
{
"accountId": "string",
"applicationId": "string",
"attemptCount": 0,
"created": 0,
"expire": 0,
"number": "string",
"otpId": "string",
"otpStatus": "string",
"referenceId": "string",
"timestampCreated": "string",
"timestampExpire": "string"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | The list of OTPs | Inline |
| 204 | No Content | Empty list. No OTPs were found for this account. | Inline |
| 400 | Bad Request | Invalid number format was provided. | ErrorResponse |
| 401 | Unauthorized | Unauthorized | None |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | Not Found | None |
| 500 | Internal Server Error | Something went wrong. :-( | ErrorResponse |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | [OtpStatusEntity] | false | none | [OTP Status schema] |
| » accountId | string | false | none | This is your 2FA accountId in the tyntec system. You cannot change this value. |
| » applicationId | string | false | none | The Universally Unique ID (UUID) that identifies the specific application used to deliver this OTP |
| » attemptCount | integer(int32) | false | none | The number of attempts made for this OTP to be validated |
| » created | integer(int64) | false | none | The time in milliseconds in which the OTP request was created |
| » expire | integer(int64) | false | none | The time in milliseconds in which the OTP will expire |
| » number | string | false | none | The destination phone number in the E.164 format |
| » otpId | string | false | none | The OTP ID that the code should be re-sent to |
| » otpStatus | string | false | none | The OTP status. Possible values, ACTIVE, when the OTP is still active; VERIFIED, when the OTP was verified successfully; EXPIRED, when the OTP expired; TOO_MANY_ATTEMPTS, when the OTP validation requests exceeded the maximum allowed by the application configuration. |
| » referenceId | string | false | none | Set your custom reference ID. |
| » timestampCreated | string | false | none | The string timestamp “created” representation in UTC Z format |
| » timestampExpire | string | false | none | The string timestamp “expire” representation in UTC Z format |
Status Code 204
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | [OtpStatusEntity] | false | none | [OTP Status schema] |
| » accountId | string | false | none | This is your 2FA accountId in the tyntec system. You cannot change this value. |
| » applicationId | string | false | none | The Universally Unique ID (UUID) that identifies the specific application used to deliver this OTP |
| » attemptCount | integer(int32) | false | none | The number of attempts made for this OTP to be validated |
| » created | integer(int64) | false | none | The time in milliseconds in which the OTP request was created |
| » expire | integer(int64) | false | none | The time in milliseconds in which the OTP will expire |
| » number | string | false | none | The destination phone number in the E.164 format |
| » otpId | string | false | none | The OTP ID that the code should be re-sent to |
| » otpStatus | string | false | none | The OTP status. Possible values, ACTIVE, when the OTP is still active; VERIFIED, when the OTP was verified successfully; EXPIRED, when the OTP expired; TOO_MANY_ATTEMPTS, when the OTP validation requests exceeded the maximum allowed by the application configuration. |
| » referenceId | string | false | none | Set your custom reference ID. |
| » timestampCreated | string | false | none | The string timestamp “created” representation in UTC Z format |
| » timestampExpire | string | false | none | The string timestamp “expire” representation in UTC Z format |
Send an OTP
Code samples
# You can also use wget
curl -X POST https://api.tyntec.com/2fa/v1/otp?number=string \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
POST https://api.tyntec.com/2fa/v1/otp?number=string HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/otp?number=string',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.post 'https://api.tyntec.com/2fa/v1/otp',
params: {
'number' => 'string'
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.post('https://api.tyntec.com/2fa/v1/otp', params={
'number': 'string'
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('POST','https://api.tyntec.com/2fa/v1/otp', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/otp?number=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.tyntec.com/2fa/v1/otp", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
POST /2fa/v1/otp
Sends an OTP based on your application configuration. Modifies the request based on the optional parameters.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| number | query | string | true | The destination telephone number in the E.164 format |
| applicationId | query | string | false | The UUID of the application you want to use. If not specified, the default will be used. |
| via | query | string | false | SMS/VOICE/AUTO; the channel to deliver the OTP to |
| country | query | string | false | Optional; if you provided a number without a country code, it will be added automatically. |
| language | query | string | false | The language template to be used in the ISO 639-1 codes. If the template is not specified, it will be auto-detected based on the number. If a language template does not exist, it will default to English. |
| text | query | string | false | Text to override the default template. Placeholder {{OTP}} must exist for auto-generation of OTP, otherwise otpCode should be specified. |
| referenceId | query | string | false | Set your custom reference ID. |
| otpCode | query | string | false | Override the auto-generated OTP code. |
| sender | query | string | false | Override the applications sender. |
| caller | query | string | false | Override the applications caller. |
| pinLength | query | string | false | The length of the auto-generated PIN length. PIN length can be between 4-11 digits. |
Detailed description
country: Optional; if you provided a number without a country code, it will be added automatically. If the country code is included but doesn't match the country specified, it will result in an error.
Example responses
200 Response
{
"accountId": "string",
"applicationId": "string",
"attemptCount": 0,
"created": 0,
"expire": 0,
"number": "string",
"otpId": "string",
"otpStatus": "string",
"referenceId": "string",
"timestampCreated": "string",
"timestampExpire": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | The result of the OTP with a unique ID | OtpStatusEntity |
| 201 | Created | Created | None |
| 400 | Bad Request | Invalid parameters provided. Look at the response for the specific error. | ErrorResponse |
| 401 | Unauthorized | Unauthorized | None |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | Not Found | None |
| 500 | Internal Server Error | Something went wrong. :-( | ErrorResponse |
Read OTP status
Code samples
# You can also use wget
curl -X GET https://api.tyntec.com/2fa/v1/otp/{otpId} \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
GET https://api.tyntec.com/2fa/v1/otp/{otpId} HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/otp/{otpId}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.get 'https://api.tyntec.com/2fa/v1/otp/{otpId}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.get('https://api.tyntec.com/2fa/v1/otp/{otpId}', params={
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('GET','https://api.tyntec.com/2fa/v1/otp/{otpId}', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/otp/{otpId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.tyntec.com/2fa/v1/otp/{otpId}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
GET /2fa/v1/otp/{otpId}
Returns the status of an OTP.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| otpId | path | string | true | The OTP ID that the code should be re-sent to. |
Example responses
200 Response
{
"accountId": "string",
"applicationId": "string",
"attemptCount": 0,
"created": 0,
"expire": 0,
"number": "string",
"otpId": "string",
"otpStatus": "string",
"referenceId": "string",
"timestampCreated": "string",
"timestampExpire": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | The OTP status | OtpStatusEntity |
| 401 | Unauthorized | Unauthorized | None |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | OTP code was not found. | ErrorResponse |
| 500 | Internal Server Error | Something went wrong. :-( | ErrorResponse |
Re-send an OTP
Code samples
# You can also use wget
curl -X POST https://api.tyntec.com/2fa/v1/otp/{otpId} \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
POST https://api.tyntec.com/2fa/v1/otp/{otpId} HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/otp/{otpId}',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.post 'https://api.tyntec.com/2fa/v1/otp/{otpId}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.post('https://api.tyntec.com/2fa/v1/otp/{otpId}', params={
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('POST','https://api.tyntec.com/2fa/v1/otp/{otpId}', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/otp/{otpId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.tyntec.com/2fa/v1/otp/{otpId}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
POST /2fa/v1/otp/{otpId}
In the case the end user didn’t receive the OTP in a reasonable time frame, you can use this operation to re-send the same OTP code. The OTP code will be the same as the original one, but you have the option to choose a different delivery channel.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| otpId | path | string | true | The OTP ID that the code should be re-sent to |
| via | query | string | false | You can force a delivery channel by using this parameter. Possible values are AUTO, SMS, or VOICE. The default is “AUTO”, which will use SMS in the case of a mobile number and VOICE in the case of a landline number. |
| sender | query | string | false | In the case you want to override the sender set in the application's configuration, you can specify a sender's name for this OTP delivery. |
| caller | query | string | false | In the case you want to override the caller set in the application's configuration, you can specify a caller's ID for this OTP delivery. |
Example responses
200 Response
{
"accountId": "string",
"applicationId": "string",
"attemptCount": 0,
"created": 0,
"expire": 0,
"number": "string",
"otpId": "string",
"otpStatus": "string",
"referenceId": "string",
"timestampCreated": "string",
"timestampExpire": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OTP was re-sent | OtpStatusEntity |
| 201 | Created | Created | None |
| 400 | Bad Request | The provided parameter is not valid. | ErrorResponse |
| 401 | Unauthorized | OTP is not valid anymore. | ErrorResponse |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | OTP was not found. | ErrorResponse |
| 500 | Internal Server Error | Something went wrong. :-( | ErrorResponse |
Delete an OTP
Code samples
# You can also use wget
curl -X DELETE https://api.tyntec.com/2fa/v1/otp/{otpId} \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
DELETE https://api.tyntec.com/2fa/v1/otp/{otpId} HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/otp/{otpId}',
{
method: 'DELETE',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.delete 'https://api.tyntec.com/2fa/v1/otp/{otpId}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.delete('https://api.tyntec.com/2fa/v1/otp/{otpId}', params={
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('DELETE','https://api.tyntec.com/2fa/v1/otp/{otpId}', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/otp/{otpId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("DELETE");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("DELETE", "https://api.tyntec.com/2fa/v1/otp/{otpId}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
DELETE /2fa/v1/otp/{otpId}
You can delete the status of an OTP by using this operation.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| otpId | path | string | true | The OTP ID that the code should be resent to |
Example responses
200 Response
{
"accountId": "string",
"applicationId": "string",
"attemptCount": 0,
"created": 0,
"expire": 0,
"number": "string",
"otpId": "string",
"otpStatus": "string",
"referenceId": "string",
"timestampCreated": "string",
"timestampExpire": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OTP deleted | OtpStatusEntity |
| 204 | No Content | No Content | None |
| 401 | Unauthorized | Unauthorized | None |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | OTP was not found. | None |
| 500 | Internal Server Error | Something went wrong. :-( | ErrorResponse |
List OTP events
Code samples
# You can also use wget
curl -X GET https://api.tyntec.com/2fa/v1/otp/{otpId}/events \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
GET https://api.tyntec.com/2fa/v1/otp/{otpId}/events HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/otp/{otpId}/events',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.get 'https://api.tyntec.com/2fa/v1/otp/{otpId}/events',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.get('https://api.tyntec.com/2fa/v1/otp/{otpId}/events', params={
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('GET','https://api.tyntec.com/2fa/v1/otp/{otpId}/events', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/otp/{otpId}/events");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.tyntec.com/2fa/v1/otp/{otpId}/events", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
GET /2fa/v1/otp/{otpId}/events
You can query the event's endpoint of an OTP delivery instance to get a list of events reported for this delivery.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| otpId | path | string | true | The OTP ID that the code should be re-sent to |
Example responses
200 Response
[
{
"created": 0,
"status": "string",
"statusText": "string",
"timestampCreated": "string",
"type": "string"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | The OTP status | Inline |
| 401 | Unauthorized | Unauthorized | None |
| 403 | Forbidden | Forbidden | None |
| 404 | Not Found | OTP code was not found. | ErrorResponse |
| 500 | Internal Server Error | Something went wrong. :-( | ErrorResponse |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | [StatusEvent] | false | none | [Status schema] |
| » created | integer(int64) | false | none | Timestamp in the Epoch/Unix time |
| » status | string | false | none | Event status; possible values are success/failed/null. |
| » statusText | string | false | none | The status reported by the delivery system |
| » timestampCreated | string | false | none | The string timestamp “created” representation in UTC Z format |
| » type | string | false | none | Refer to the next table regarding all event types. |
Validate an OTP
Code samples
# You can also use wget
curl -X POST https://api.tyntec.com/2fa/v1/otp/{otpId}/check?otpCode=string \
-H 'Accept: application/json' \
-H 'apiKey: API_KEY'
POST https://api.tyntec.com/2fa/v1/otp/{otpId}/check?otpCode=string HTTP/1.1
Host: api.tyntec.com
Accept: application/json
apiKey: API_KEY
const headers = {
'Accept':'application/json',
'apiKey':'API_KEY'
};
fetch('https://api.tyntec.com/2fa/v1/otp/{otpId}/check?otpCode=string',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'apiKey' => 'API_KEY'
}
result = RestClient.post 'https://api.tyntec.com/2fa/v1/otp/{otpId}/check',
params: {
'otpCode' => 'string'
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'apiKey': 'API_KEY'
}
r = requests.post('https://api.tyntec.com/2fa/v1/otp/{otpId}/check', params={
'otpCode': 'string'
}, headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'apiKey' => 'API_KEY',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('POST','https://api.tyntec.com/2fa/v1/otp/{otpId}/check', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://api.tyntec.com/2fa/v1/otp/{otpId}/check?otpCode=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("apiKey", "API_KEY");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"apiKey": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.tyntec.com/2fa/v1/otp/{otpId}/check", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
POST /2fa/v1/otp/{otpId}/check
This operation will verify whether the OTP code used matched the OTP code that was generated for this user. To verify an OTP code, you need to provide: 1) the unique OTPId that refers the the OTP delivery request 2) the OTP code sent to the user
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| otpId | path | string | true | The OTP ID that the code should be re-sent to |
| otpCode | query | string | true | otpCode |
Example responses
200 Response
{
"accountId": "string",
"applicationId": "string",
"attemptCount": 0,
"created": 0,
"expire": 0,
"number": "string",
"otpId": "string",
"otpStatus": "string",
"referenceId": "string",
"timestampCreated": "string",
"timestampExpire": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | OtpStatusEntity |
| 201 | Created | Created | None |
| 202 | Accepted | The provided OTP is valid. | OtpStatusEntity |
| 401 | Unauthorized | The provided OTP code is not valid. | OtpStatusEntity |
| 403 | Forbidden | OTP expired because of too many attempts made. | OtpStatusEntity |
| 404 | Not Found | OTP was not found. | None |
| 410 | Gone | OTP is not active anymore. | OtpStatusEntity |
| 500 | Internal Server Error | Something went wrong. :-( | ErrorResponse |
Schemas
OtpStatusEntity
{
"accountId": "string",
"applicationId": "string",
"attemptCount": 0,
"created": 0,
"expire": 0,
"number": "string",
"otpId": "string",
"otpStatus": "string",
"referenceId": "string",
"timestampCreated": "string",
"timestampExpire": "string"
}
OTP Status schema
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| accountId | string | false | none | This is your 2FA accountId in the tyntec system. You cannot change this value. |
| applicationId | string | false | none | The Universally Unique ID (UUID) that identifies the specific application used to deliver this OTP |
| attemptCount | integer(int32) | false | none | The number of attempts made for this OTP to be validated |
| created | integer(int64) | false | none | The time in milliseconds in which the OTP request was created |
| expire | integer(int64) | false | none | The time in milliseconds in which the OTP will expire |
| number | string | false | none | The destination phone number in the E.164 format |
| otpId | string | false | none | The OTP ID that the code should be re-sent to |
| otpStatus | string | false | none | The OTP status. Possible values, ACTIVE, when the OTP is still active; VERIFIED, when the OTP was verified successfully; EXPIRED, when the OTP expired; TOO_MANY_ATTEMPTS, when the OTP validation requests exceeded the maximum allowed by the application configuration. |
| referenceId | string | false | none | Set your custom reference ID. |
| timestampCreated | string | false | none | The string timestamp “created” representation in UTC Z format |
| timestampExpire | string | false | none | The string timestamp “expire” representation in UTC Z format |
StatusEvent
{
"created": 0,
"status": "string",
"statusText": "string",
"timestampCreated": "string",
"type": "string"
}
Status schema
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| created | integer(int64) | false | none | Timestamp in the Epoch/Unix time |
| status | string | false | none | Event status; possible values are success/failed/null. |
| statusText | string | false | none | The status reported by the delivery system |
| timestampCreated | string | false | none | The string timestamp “created” representation in UTC Z format |
| type | string | false | none | Refer to the next table regarding all event types. |
TwoFactorAuthApplicationEntity
{
"alphanumeric": false,
"attempts": 3,
"expire": 300,
"name": "string",
"pinLength": 4,
"sender": "VERIFY",
"caller": "VERIFY"
}
Two-Factor Authentication Application structure
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| alphanumeric | boolean | false | none | Whether the OTP is alphanumeric or not |
| attempts | integer(int32) | false | none | How many attempts the user can have for this OTP |
| expire | integer(int64) | false | none | After how many seconds the OTP expires |
| name | string | false | none | Custom application name |
| pinLength | integer(int32) | false | none | The length of the auto-generated PIN length. PIN length can be between 4-11 digits. |
| sender | string | false | none | The sender used for SMS delivery |
| caller | string | false | none | The caller used for TTS delivery. Using a valid number will improve filtering issues caused by anonymous calls. |
ErrorResponse
{
"code": "string",
"id": "string",
"message": "string",
"timestamp": 0
}
Error Response schema
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| code | string | false | none | The reason for an unsuccessful attempt |
| id | string | false | none | Error code ID |
| message | string | false | none | Textual representation of the code, containing further information |
| timestamp | integer(int64) | false | none | Timestamp in Epoch/Unix time |