IB Login POST

Authentificate customer with login and pasword

# ENDPOINT
/oauth/v2/login
# REQUEST BODY
Schema: login

Login Request

Type: object
Variable Name Type Format Usage Description
client_id Client Id string M The client identifier issued to the client during the registration process
client_timezone Client Timezone string M Client timezone offset (to GMT)
ip IP string M Client IP address
password Password string M Client password
redirect_uri Redirect URI string M Indicates the URI to return the user to after authorization is complete
response_type Response Type string M Indicates that your server expects to receive an authorization code. Values: "access_token","code","sign_token"
scope Scope of Access string M Scope of access
source_system Source system string M Source system. For Internetbank please setup "IB"
state State string M Client server session id (to prevent MITM requests)
username Client Username string M Client username (e-mail or phone number with "+" and country code)
# REQUEST BODY EXAMPLE
							{
    "response_type":"code",
    "client_id":"ib_localhost",
    "redirect_uri":"http:\/\/localhost",
    "scope":"CUSTOMER:FULL",
    "state":"5e982a097260d146803b5da13b1a19c2",
    "username":"bpmtestusr1@gmail.com",
    "password":"111111",
    "ip":"::1",
    "client_timezone":"-3",
    "source_system":"IB"
}						
# POSITIVE RESPONSE

200 - Response successfully when status is OK

200 - Response successfully when status is OK

If error="mfa_required" then challenge_type contains list of MFA devices (second factor) and mfa_token contains one time token to request MFA code.

Schema: HeaderResponseStatusOkLogin
Type: application/json
Variable Name Type Format Description
challenge_type Challenge Type string List of authorization devices
binding_method Binding Method string Binding Method. Default value: "prompt"
mfa_token MFA Token string Multi-factor authentication token
error Error Code string Error code
error_description Error Description string Description of error
state State string Client server session id (to prevent MITM requests)
# RESPONSE POSITIVE EXAMPLE
							{
    "challenge_type": "oob:phone:*0361:API%20phone oob:email:b*1@gmail.com:API%20mail oob:phone:*9143959:Andrey%20phone oob:email:a*v@elcoin.co.uk:Andrey%20email oob:phone:*8569:albert%20phone oob:email:i*a@elcoin.co.uk:Ilona%20email oob:phone:*7788:Ilona%20phone oob:email:j*a@gmail.com:ilona%20email%20test oob:email:i*o@elcoin.co.uk:test%20email oob:phone:*5325:2345 oob:phone:*2345:23453245 oob:phone:*9483: oob:phone:*5555:55555555555 oob:email:e*s@inbox.lv:Eduard oob:phone:*6022:Eduard oob:phone:*6219:Dexter%20phone oob:email:j*l@elcoin.co.uk: oob:phone:*6148:",
    "binding_method": "prompt",
    "mfa_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImN0eSI6IiJ9.eyJpc3MiOiJodHRwczpcL1wvYXBpLm4wLmVsY29pbi5jby51a1wvIiwic3ViIjoiRU4wMDAwMENZIiwiZXhwIjoxNjI2OTMxNzk0LCJqdGkiOiJlMjk4ZDM3OC03ZTlkLTI4OTMtODQxNC0wMTAxZDhkNTY3NzMiLCJzaWQiOiJlMjk4ZDM3OC03ZTlkLTI4OTMtODQxNC0wMTAxNjg0NzY2NzMiLCJjbGllbnRfaWQiOiJpYl9sb2NhbGhvc3QiLCJzY29wZSI6IkNVU1RPTUVSOkZVTEwiLCJ0b2tlbl90eXBlIjoiYmVhcmVyIiwiZXhwaXJlcyI6IjIwMjEtMDctMjJUMDU6Mjk6NTQuMDAwLTAwOjAwIiwiaXNzdWVkX2F0IjoiMTk3MC0wMS0wMVQwMDowMDowMC4wMDAtMDA6MDAifQ.Ia-78K8qRwTXT8SAqBYy6hQjzCh-B5G3R-vmMKjxY0",
    "error": "mfa_required",
    "error_description": "Multi-factor authentication required",
    "state": "5e982a097260d146803b5da13b1a19c2"
}						
# NEGATIVE RESPONSE

400 - Response with error when status is ERROR

400 - Response with error when status is ERROR

Schema: HeaderResponseStatusErrorOAuth
Type: object
Variable Name Type Format Description
error_description Error Description string Description of error
error Error Code string Error code
# RESPONSE NEGATIVE EXAMPLE
							{
    "error": "unauthorized_client",
    "error_description": "The client is not authorized to request an authorization code using this method.",
    "state": "5e982a097260d146803b5da13b1a19c2"
}