IB Password Restore Verification POST

Verify password restore MFA confirnation code

# ENDPOINT
/oauth/v2/passwordRestoreVerification
# REQUEST BODY
Schema: passwordRestoreVerification
Type: object
Variable Name Type Format Usage Description
client_id Client Id string Client identifier issued to the client by the external system
client_timezone Client Timezone string Client timezone offset (to GMT)
code Verification code integer M The verification code that was sent to the MFA device
grant_type Grant Type string M Grant type. Values: "client_credentials", "mfa_oob", "code", "password"
ip IP string Client IP address
mfa_token MFA Token string M Multi-factor authentication token
redirect_uri Redirect URI string Indicates the URI to return the user to after authorization is complete
response_type Response Type string M Indicates that your server expects to receive an authorization code. Values: "access_token","code","sign_token"
scope Scope of Access string M Scope of access
source_system Source system string Source system. For Internetbank please setup "IB"
state State string M Client server session id (to prevent MITM requests)
# REQUEST BODY EXAMPLE
							{
    "response_type":"access_token",
    "grant_type":"mfa_oob",
    "client_id":"ib_localhost",
    "redirect_uri":"http:\/\/localhost",
    "scope":"CUSTOMER:PASSWORD:RESTORE",
    "state":"5e982a097260d146803b5da13b1a19c2",    "mfa_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImN0eSI6IiJ9.eyJpc3MiOiJodHRwczpcL1wvYXBpLm4wLmVsY29pbi5jby51a1wvIiwic3ViIjoiRU4wMDAwMENZIiwiYWN0Ijp7InN1YiI6IkVOMDAwMDBDWSJ9LCJleHAiOjE2MjY4NTU5NzEsImp0aSI6ImI0OTFlZmVhLWJiZWEtMmViYi04MzE0LTM2ZjM1OGRiMDVhYiIsInNpZCI6ImI0OTFlZmVhLWJiZWEtMmViYi04MzE0LTM2ZjMyOGMzMDJhYiIsImFtciI6Im9vYjplbWFpbDpicG10ZXN0dXNyMUBnbWFpbC5jb20iLCJjbGllbnRfaWQiOiJpYl9sb2NhbGhvc3QiLCJzY29wZSI6Im1mYV90b2tlbjoyNjA3IiwidG9rZW5fdHlwZSI6ImJlYXJlciIsImV4cGlyZXMiOiIyMDIxLTA3LTIxVDA4OjI2OjExLjAwMC0wMDowMCIsImlzc3VlZF9hdCI6IjE5NzAtMDEtMDFUMDA6MDA6MDAuMDAwLTAwOjAwIn0.Nm0IHudmLdSZ4QvVQYk2-ZgFfEFsdjoyCg_x4g2gFdU",
    "code":"413893",
    "ip":"::1",
    "client_timezone":"-3",
    "source_system":"IB"
}						
# POSITIVE RESPONSE

200 - Response successfully when status is OK

200 - Response successfully when status is OK

Schema: passwordRestoreVerificationResponse
Type: application/json
Variable Name Type Format Description
access_token access_token string access token
scope Scope of Access string Scope of access
state State string Client server session id (to prevent MITM requests)
token_type token_type string token type
expires_in Expires In integer Expiration time in seconds
# RESPONSE POSITIVE EXAMPLE
							{
    "scope": "CUSTOMER:PASSWORD:RESTORE",
    "access_token": "eyJ0eXAiOiJhY2Nlc3NfdG9rZW4iLCJhbGciOiJIUzI1NiIsImN0eSI6IiJ9.eyJpc3MiOiJodHRwczpcL1wvYXBpLm4wLmVsY29pbi5jby51a1wvIiwic3ViIjoiRU4wMDAwMENZIiwiYWN0Ijp7InN1YiI6IkVOMDAwMDBDWSJ9LCJleHAiOjE2MjY4NTY5MTcsImp0aSI6ImI0OTFlZmVhLWJiZWEtMmViYi04MzE0LTM4ZjM2OGZjZDZkOCIsInNpZCI6ImI0OTFlZmVhLWJiZWEtMmViYi04MzE0LTM4ZjNjMDA2YWNkOCIsImFtciI6Im9vYjplbWFpbDpicG10ZXN0dXNyMUBnbWFpbC5jb20iLCJjbGllbnRfaWQiOiJpYl9sb2NhbGhvc3QiLCJzY29wZSI6IkNVU1RPTUVSOlBBU1NXT1JEOlJFU1RPUkUiLCJ0b2tlbl90eXBlIjoiYmVhcmVyIiwiZXhwaXJlcyI6IjIwMjEtMDctMjFUMDg6NDE6NTcuMDAwLTAwOjAwIiwiaXNzdWVkX2F0IjoiMTk3MC0wMS0wMVQwMDowMDowMC4wMDAtMDA6MDAifQ.WtLimYdNE4ZocJ4BojfcWxFRaZpWmGePxDGdYRKTwvs",
    "token_type": "Bearer",
    "expires_in": 1800,
    "state": "5e982a097260d146803b5da13b1a19c2"
}						
# NEGATIVE RESPONSE

200 - Response with error when status is ERROR

200 - Response with error when status is ERROR

Schema: HeaderResponseStatusError
Type: object
Variable Name Type Format Description
status status string Request execution status
error_description Error Description string Description of error
error Error Code string Error code
data_type data_type string Type of data
total_records total_records string Total count of records
data data object Empty object
# RESPONSE NEGATIVE EXAMPLE
							{
    "status": "error",
    "error_description": "ERROR: Invalid handle.  Not initialized or points to a deleted object. (3135)",
    "error": {},
    "data_type": "oauth.v2.passwordRestoreVerification.",
    "total_records": 1,
    "data": {}
}