Security API (V2)

Download OpenAPI specification:Download

Security

Provides methods to generate/revoke access tokens, and Strong Customer Authentication (SCA) functionality.

Authorize

Used to authorize a Strong Customer Authentication (SCA) request. For Partner owned authentication this will require a first and second authentication factor.

Request
header Parameters
Authorization
required
string

A JWT access token returned from the security/login method, uniquely identifying your partner login session. This is required to make requests to the API.

Request Body schema: application/json
SCAReferenceNumber
required
string = 36 characters

Solaris will generate a unique SCA reference number for the customer transaction which requires SCA. SCA can be managed either by the Client or Solaris.

Client Managed SCA(e-commerce): This SCA Reference Number is the unique 'TransactionID' provided in the webhook(3DS).

Client Managed SCA(non e-commerce) and Solaris Managed SCA using OTP (non e-commerce): This SCA reference number will be sent in the 900 response of any SCA transaction. e.g., Bank Transfer

CancelRequest
boolean

Default is False. This parameter indicates whether SCA has been successfully completed or whether the SCA request needs to be cancelled.

False indicates approved and the SCA has been successfully completed.
True indicates cancelled and will cancel the SCA request.
Valid values are true or false.

SCAIdentification
string [ 0 .. 50 ] characters

Client Managed SCA (e-commerce): Not required

Client Managed SCA(non e-commerce): Not required

Solaris Managed SCA using OTP (non e-commerce): Encrypted OTP provided back by client for 2nd factor authentication in case SCA type set for client is OTP. OTP will be 8 digits.

FirstFactorSCAOptionType
integer <int32>

Client Managed SCA (e-commerce and non e-commerce): A valid SCA option type

1 = Device Binding (Possession)
2 = Face (Inherence)
3 = Finger (Inherence)
4 = OTP (Possession)
5 = mPIN (Knowledge)
6 = Password (Knowledge)
7 = Other Knowledge Item
8 = Other Possession Item
9 = Other Inherence Item

Solaris Managed SCA using OTP (non e-commerce): Not required

1 = Device Binding (Possession)
2 = Face (Inherence)
3 = Finger (Inherence)
4 = OTP (Possession)
5 = mPIN (Knowledge)
6 = Password (Knowledge)
7 = Other Knowledge Item
8 = Other Possession Item
9 = Other Inherence Item

Enum: "None" "ApproveRejectButton" "Face" "Finger" "OTP" "mPIN" "Password" "OtherKnowledgeItem" "OtherPossessionItem" "OtherInherenceItem"
SecondFactorSCAOptionType
integer <int32>

The SecondFactorSCAOptionType must be from a different type than FirstFactorSCAOptionType
e.g., cannot have Possession and Possession or Inherence and Inherence.

Client Managed SCA(e-commerce and non e-commerce): A valid SCA option type required when CancelRequest = False. Otherwise optional in case of CancelRequest = True

1 = Device Binding (Possession)
2 = Face (Inherence)
3 = Finger (Inherence)
4 = OTP (Possession)
5 = mPIN (Knowledge)
6 = Password (Knowledge)
7 = Other Knowledge Item
8 = Other Possession Item
9 = Other Inherence Item

Solaris Managed SCA using OTP (non e-commerce): Not required

1 = Device Binding (Possession)
2 = Face (Inherence)
3 = Finger (Inherence)
4 = OTP (Possession)
5 = mPIN (Knowledge)
6 = Password (Knowledge)
7 = Other Knowledge Item
8 = Other Possession Item
9 = Other Inherence Item

Enum: "None" "ApproveRejectButton" "Face" "Finger" "OTP" "mPIN" "Password" "OtherKnowledgeItem" "OtherPossessionItem" "OtherInherenceItem"
ClientRequestReference
string [ 0 .. 50 ] characters

Solaris partners should provide a reference number in each API request for tracking/auditing purpose of actions performed on the Solaris platform.

CultureID
integer <int32>

Unique identifier of the response language. Default language value is 1. i.e. UK English. Other supported values are 1 = UK English, 2 = Russian, 3 = Latvian.

Responses
200

Success

400

Bad Request

500

Server Error

post/security/Authorize
Request samples
application/json
{
  • "SCAReferenceNumber": "5A376AF7-3AA1-4F63-8F44-B29CF6AC770A",
  • "CancelRequest": false,
  • "SCAIdentification": "Q4otSv8JSL4pIfHZY1ggjzT9OXxwvhK1TUvaLEwfLpE",
  • "FirstFactorSCAOptionType": 1,
  • "SecondFactorSCAOptionType": 1,
  • "ClientRequestReference": "[ReferenceExample]",
  • "CultureID": 1
}
Response samples
application/json
{
  • "ReferenceID": 123,
  • "SCAReferenceNumber": "5A376AF7-3AA1-4F63-8F44-B29CF6AC770A",
  • "SCARes": {
    },
  • "Description": "Success",
  • "ResponseCode": "000",
  • "ResponseDateTime": "2021-12-21T13:58:02.899",
  • "ClientRequestReference": "reference",
  • "RequestID": 27194
}

Deregister SDK Device

De-registers the given SDK device.

Request
header Parameters
Authorization
required
string

A JWT access token returned from the security/login method, uniquely identifying your partner login session. This is required to make requests to the API.

Request Body schema: application/json
ConsumerID
required
integer <int32>

Unique identifier of the consumer.

SDKDeviceReferenceID
required
integer <int64>

Unique identifier of the sdk device.

ClientRequestReference
string [ 0 .. 50 ] characters

Solaris partners should provide a reference number in each API request for tracking/auditing purpose of actions performed on the Solaris platform.

CultureID
integer <int32>

Unique identifier of the response language. Default language value is 1. i.e. UK English. Other supported values are 1 = UK English, 2 = Russian, 3 = Latvian.

Responses
200

Success

400

Bad Request

500

Server Error

post/security/DeRegisterSDKDevice
Request samples
application/json
{
  • "ConsumerID": 21,
  • "SDKDeviceReferenceID": 1,
  • "ClientRequestReference": "[ReferenceExample]",
  • "CultureID": 1
}
Response samples
application/json
{
  • "Description": "Success",
  • "ResponseCode": "000",
  • "ResponseDateTime": "2021-12-21T13:58:02.899",
  • "ClientRequestReference": "reference",
  • "RequestID": 27194
}

Get SCA Pending Request

Lists all pending Strong Customer Authentication (SCA) requests for the specified consumer.

Request
header Parameters
Authorization
required
string

A JWT access token returned from the security/login method, uniquely identifying your partner login session. This is required to make requests to the API.

Request Body schema: application/json
ConsumerID
required
integer <int32>

Unique identifier of the consumer.

ClientRequestReference
string [ 0 .. 50 ] characters

Solaris partners should provide a reference number in each API request for tracking/auditing purpose of actions performed on the Solaris platform.

CultureID
integer <int32>

Unique identifier of the response language. Default language value is 1. i.e. UK English. Other supported values are 1 = UK English, 2 = Russian, 3 = Latvian.

Responses
200

Success

400

Bad Request

500

Server Error

post/security/GetSCAPendingRequest
Request samples
application/json
{
  • "ConsumerID": 21,
  • "ClientRequestReference": "[ReferenceExample]",
  • "CultureID": 1
}
Response samples
application/json
{
  • "SCAPendingRequests": [
    ],
  • "Description": "Success",
  • "ResponseCode": "000",
  • "ResponseDateTime": "2021-12-21T13:58:02.899",
  • "ClientRequestReference": "reference",
  • "RequestID": 27194
}

List SDK Devices

Retrieves the device currently registered for SDK use for the specified consumer.

Request
header Parameters
Authorization
required
string

A JWT access token returned from the security/login method, uniquely identifying your partner login session. This is required to make requests to the API.

Request Body schema: application/json
ConsumerID
required
integer <int32>

Unique identifier of the consumer.

ClientRequestReference
string [ 0 .. 50 ] characters

Solaris partners should provide a reference number in each API request for tracking/auditing purpose of actions performed on the Solaris platform.

CultureID
integer <int32>

Unique identifier of the response language. Default language value is 1. i.e. UK English. Other supported values are 1 = UK English, 2 = Russian, 3 = Latvian.

Responses
200

Success

400

Bad Request

500

Server Error

post/security/ListSDKDevices
Request samples
application/json
{
  • "ConsumerID": 21,
  • "ClientRequestReference": "[ReferenceExample]",
  • "CultureID": 1
}
Response samples
application/json
{
  • "SDKDevicesList": [
    ],
  • "Description": "Success",
  • "ResponseCode": "000",
  • "ResponseDateTime": "2021-12-21T13:58:02.899",
  • "ClientRequestReference": "reference",
  • "RequestID": 27194
}

Login

Generates an access token for the given session, which must be included with all subsequent requests to the API.

Request
Request Body schema: multipart/form-data
GRANT_TYPE
required
string = 8 characters

The grant_type header parameter is required by OAuth2 RFC for the /login endpoint, which exchanges a grant for real tokens. This field must contain the value "password"

UserName
required
string [ 8 .. 100 ] characters

Username required for login. It must be 8 to 20 characters and should not contain special characters for those who don't have email as username facility allowed.

Password
required
string [ 8 .. 20 ] characters

Password required for login. It must be 8 to 20 characters and should contain at least one upper case letter, one lower case letter and a special character. The allowed characters are a-z, A-Z, 0-9 and special characters ! @ $ # % ^ & * + = ( ).

SchemeCode
string [ 0 .. 6 ] characters

Unique identifier of the scheme.

Responses
200

Success

400

Bad Request

500

Server Error

post/security/login
Response samples
application/json
{
  • "access_token": "[access_token]",
  • "token_type": "bearer",
  • "expires_in": 43199,
  • "Contis_SecurityKey": "[SecurityKey]",
  • ".expires": "2021-06-07T09:13:44.6402008+05:30",
  • ".issued": "2021-06-07T09:10:44.6402008+05:30"
}

Logout

Revokes the specified access token provided in the request Authorization header.

Request
header Parameters
Authorization
required
string

A JWT access token returned from the security/login method, uniquely identifying your partner login session. This is required to make requests to the API.

Request Body schema: application/json
LogoutReason
integer <int32>

Reasons for Logout

0 = None
1 = Manually logout
2 = Session timeout
3 = Logged in to another device
4 = Lost connection
5 = Force close the app
6 = Login disabled

Enum: "None" "ManuallyLogout" "SessionTimeout" "LoggedIntoAnotherDevice" "LostConnection" "ForceCloseTheApp" "LoginDisabled"
ClientRequestReference
string [ 0 .. 50 ] characters

Solaris partners should provide a reference number in each API request for tracking/auditing purpose of actions performed on the Solaris platform.

CultureID
integer <int32>

Unique identifier of the response language. Default language value is 1. i.e. UK English. Other supported values are 1 = UK English, 2 = Russian, 3 = Latvian.

Responses
200

Success

400

Bad Request

500

Server Error

post/security/logout
Request samples
application/json
{
  • "LogoutReason": 1,
  • "ClientRequestReference": "[ReferenceExample]",
  • "CultureID": 1
}
Response samples
application/json
{
  • "Description": "Success",
  • "ResponseCode": "000",
  • "ResponseDateTime": "2021-12-21T13:58:02.899",
  • "ClientRequestReference": "reference",
  • "RequestID": 27194
}

Post Login Details

Provides the SCA factor(s) used for a login event, with the ability to request the second factor workflow be initiated by Solaris.

Request
header Parameters
Authorization
required
string

A JWT access token returned from the security/login method, uniquely identifying your partner login session. This is required to make requests to the API.

Request Body schema: application/json

PostLoginReq

ConsumerID
required
integer <int32>

Unique identifier of the consumer.

SCAOptionID1FA
integer <int32>

SCAOptionID1FA option is required, which is for first factor of login. Both first and secound factor must not be same. i.e. Password (Knowledge factor) then second factor must not be mPIN (Knowledge factor).

1 = Device Binding (Possession)
2 = Face (Inherence)
3 = Finger (Inherence)
4 = OTP (Possession)
5 = mPIN (Knowledge)
6 = Password (Knowledge)
7 = Other Knowledge Item
8 = Other Possession Item
9 = Other Inherence Item

Enum: "None" "ApproveRejectButton" "Face" "Finger" "OTP" "mPIN" "Password" "OtherKnowledgeItem" "OtherPossessionItem" "OtherInherenceItem"
SCAOptionID2FA
integer <int32>

SCAOptionID2FA option is required if secound factor has been performed. Both first and secound factor must not be same. i.e. Face (Inheritance factor) then second factor must not be Finger (Inheritance factor).

1 = Device Binding (Possession)
2 = Face (Inherence)
3 = Finger (Inherence)
4 = OTP (Possession)
5 = mPIN (Knowledge)
6 = Password (Knowledge)
7 = Other Knowledge Item
8 = Other Possession Item
9 = Other Inherence Item

Enum: "None" "ApproveRejectButton" "Face" "Finger" "OTP" "mPIN" "Password" "OtherKnowledgeItem" "OtherPossessionItem" "OtherInherenceItem"
DoSecondFactor
boolean

A System.Boolean value can be present in request parameter if Solaris are needed to supply a second factor for login. If parameter has value true, then if requested ContisCanvasAPI.Models.PostLoginReq.ConsumerID is registered with SDK on the device, then SDK will be invoked; otherwise device will get an OTP either via API response or via SMS to the customer - dependent on method agreed with Solaris.
The default parameter has a value of false, because we assume that the ContisCanvasAPI.Models.PostLoginReq.SCAOptionID2FA parameter, must have been passed.

Blank is not a valid value and you will get a validation error message if you leave the field like:
"DoSecondFactor": "" OR "DoSecondFactor":
Valid values are true or false.

ClientRequestReference
string [ 0 .. 50 ] characters

Solaris partners should provide a reference number in each API request for tracking/auditing purpose of actions performed on the Solaris platform.

CultureID
integer <int32>

Unique identifier of the response language. Default language value is 1. i.e. UK English. Other supported values are 1 = UK English, 2 = Russian, 3 = Latvian.

Responses
200

Success

400

Bad Request

500

Server Error

post/security/PostLoginDetails
Request samples
application/json
{
  • "ConsumerID": 1231456,
  • "SCAOptionID1FA": 1,
  • "SCAOptionID2FA": 1,
  • "DoSecondFactor": false,
  • "ClientRequestReference": "[ReferenceExample]",
  • "CultureID": 1
}
Response samples
application/json
{
  • "SCARes": {
    },
  • "Description": "Success",
  • "ResponseCode": "000",
  • "ResponseDateTime": "2021-12-21T13:58:02.899",
  • "ClientRequestReference": "reference",
  • "RequestID": 27194
}

Regenerate SCA

Regenerates a Strong Customer Authentication (SCA) request for the given SCA event (identified by the SCAReferenceNumber) following a previously failed authorization attempt. This method can be invoked a maximum of 5 times for a given SCAReferenceNumber, with the remaining number of resend/regeneration attempts indicated via the response's RemainingResendCount parameter.

Request
header Parameters
Authorization
required
string

A JWT access token returned from the security/login method, uniquely identifying your partner login session. This is required to make requests to the API.

Request Body schema: application/json

Regenerate sca request.

SCAReferenceNumber
required
string = 36 characters

Solaris provides unique reference number generated against consumer OTP which needs to be provided in API request to perform SCA. Unique reference number generated by Solaris, to perform SCA and to complete pending action.

SCAType
required
integer <int32>

Type of SCA generated in resposne of specific action where SCA required.

0 = Client Managed Authentication
1 = OTP
2 = MobilePush

Enum: "None" "OTP" "MobilePush"
ClientRequestReference
string [ 0 .. 50 ] characters

Solaris partners should provide a reference number in each API request for tracking/auditing purpose of actions performed on the Solaris platform.

CultureID
integer <int32>

Unique identifier of the response language. Default language value is 1. i.e. UK English. Other supported values are 1 = UK English, 2 = Russian, 3 = Latvian.

Responses
200

Success

400

Bad Request

500

Server Error

post/security/RegenerateSCA
Request samples
application/json
{
  • "SCAReferenceNumber": "5A376AF7-3AA1-4F63-8F44-B29CF6AC770A",
  • "SCAType": 1,
  • "ClientRequestReference": "[ReferenceExample]",
  • "CultureID": 1
}
Response samples
application/json
{
  • "SCARes": {
    },
  • "Description": "Success",
  • "ResponseCode": "000",
  • "ResponseDateTime": "2021-12-21T13:58:02.899",
  • "ClientRequestReference": "reference",
  • "RequestID": 27194
}
Solaris is the brand name for the regulated entities Contis Financial Services Ltd and UAB „Finansinės paslaugos „Contis“, which are part of the Solaris Group.