Schemas Postman

IB Password Restore POST

Request password restore (if user exists then verification and confirmation codes will be send)

# ENDPOINT
/oauth/v2/passwordRestore
# REQUEST BODY
Schema: passwordRestore
Type: object
Variable Name Type Format Usage Description
client_id Client Id string M Client identifier issued to the client by the external system
client_timezone Client Timezone string M Client timezone offset (to GMT)
ip IP string Client IP address
redirect_uri Redirect URI string M Indicates the URI to return the user to after authorization is complete
response_type Response Type string M Indicates that your server expects to receive an authorization code. Values: "access_token","code","sign_token"
scope Scope of Access string M Scope of access
source_system Source system string M Source system. For Internetbank please setup "IB"
state State string M Client server session id (to prevent MITM requests)
username Client\'s Username string M Client username in the external System (e-mail or phone number with "+" and country code)
# REQUEST BODY EXAMPLE
							{
    "response_type":"code",
    "client_id":"ib_localhost",
    "redirect_uri":"http:\/\/localhost",
    "scope":"CUSTOMER:PASSWORD:RESTORE",
    "state":"5e982a097260d146803b5da13b1a19c2",
    "username":"bpmtestusr1@gmail.com",
    "ip":"::1",
    "client_timezone":"-3",
    "source_system":"IB"
}
# POSITIVE RESPONSE

200 - Response successfully when status is OK

200 - Response successfully when status is OK

Schema: passwordRestoreResponse
Type: application/json
Variable Name Type Format Description
code Verification code integer The verification code that was sent to the MFA device
error Error Code string Error code
error_description Error Description string Description of error
mfa_token MFA Token string Multi-factor authentication token
# RESPONSE POSITIVE EXAMPLE
							{
    "mfa_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImN0eSI6IiJ9.eyJpc3MiOiJodHRwczpcL1wvYXBpLm4wLmVsY29pbi5jby51a1wvIiwic3ViIjoiRU4wMDAwMENZIiwiYWN0Ijp7InN1YiI6IkVOMDAwMDBDWSJ9LCJleHAiOjE2MjY5NDAzMjksImp0aSI6ImUyOThkMzc4LTdlOWQtMjg5My04NDE0LThlMDI2MDY4MzJlYiIsInNpZCI6ImUyOThkMzc4LTdlOWQtMjg5My04NDE0LThlMDJmMGZlMmVlYiIsImFtciI6Im9vYjplbWFpbDpicG10ZXN0dXNyMUBnbWFpbC5jb20iLCJjbGllbnRfaWQiOiJpYl9sb2NhbGhvc3QiLCJzY29wZSI6Im1mYV90b2tlbjo3MDI0IiwidG9rZW5fdHlwZSI6ImJlYXJlciIsImV4cGlyZXMiOiIyMDIxLTA3LTIyVDA3OjUyOjA5LjAwMC0wMDowMCIsImlzc3VlZF9hdCI6IjE5NzAtMDEtMDFUMDA6MDA6MDAuMDAwLTAwOjAwIn0.e5FnOS_80-BlG_O1GosN-IhIu5EUDkh6IHUQMUKAiDI",
    "code": "7024",
    "error": "mfa_code_required",
    "error_description": "Please confirm challenge with sent code",
    "state": "5e982a097260d146803b5da13b1a19c2"
}
# NEGATIVE RESPONSE

400 - Response with error when status is ERROR

400 - Response with error when status is ERROR

Schema: HeaderResponseStatusErrorOAuth
Type: application/json
Variable Name Type Format Description
error_description Error Description string Description of error
error Error Code string Error code
# RESPONSE NEGATIVE EXAMPLE
							{
    "error": "access_denied",
    "error_description": "The resource owner or authorization server denied the request.",
    "state": "5e982a097260d146803b5da13b1a19c2"
}
# Other endpoints
Name Endpoint
Fetch Access / Refresh Token /oauth/v2/token
oAuth. Fetch role by request /api/oAuthRepresentativeRole/getData/oAuthRepresentativeRoleSearchRequest
IB Login /oauth/v2/login
IB Challenge /oauth/v2/challenge
IB Sign /oauth/v2/sign
oAuth. Change password by request /api/oAuthSecurity/changePassword/oAuthChangePasswordRequest
oAuth. Fetch device by request /api/oAuthDevice/getData/oAuthDeviceSearchRequest
oAuth. Create/update device /model/oAuthDevice/putDb
oAuth. Set device status by Request /api/oAuthDevice/setDeviceStatus/oAuthDeviceStatusRequest
IB Password Restore Reset /oauth/v2/passwordRestoreReset
IB Password Restore Verification /oauth/v2/passwordRestoreVerification