Validate password

post https://{host}/auth/v1/mfa/password/validate

Validate the entered password.

This API validates the password entered by the customer. The API triggers after validating the OTP from the MFA flow. It uses the session ID generated from the /mfa/token/generate API.

Note: After validating the MFA OTP, regenerate the MFA session ID using /mfa/token/generate. Use the new session ID to validate the password.

The flow chart below illustrates the steps.

API endpoint example

'https://eu.api.capillarytech.com/auth/v1/mfa/password/validate`

Resource information


URI	auth/v1/mfa/password/validate
HTTP method	POST
Pagination supported?	NA
Rate limit	NA
Batch support	NA

Request body parameters

Parameter (Parameters marked with * are mandatory)	Data Type	Description
deviceId*	String	Unique ID of the device used for password validation. It should be the same device used to generate the token.
brand*	String	Name of the brand or organisation that needs verification.
sessionId*	String	Unique ID created from `/mfa/token/generate` API. After validating the MFA OTP, regenerate the MFA session ID using the`/mfa/token/generate`. Use the new session ID to validate the password.
password*	String	Password that needs validation.
identifierType*	String	Type of identifier to identify the customer. Values: MOBILE, EMAIL, USERNAME, EXTERNALID
identifierValue*	String	Value of the identifier.

curl --location 'https://eu.api.capillarytech.com/auth/v1/mfa/password/validate' \
--header 'Content-Type: application/json' \
--header 'Cookie: _cfuvid=SFXPZtlcKGm5C7TLTY.Z6GYvm_rJFRPKAVc07.hnnEc-1716977297258-0.0.1.1-604800000' \
--data '{
    "deviceId":"1234",
    "brand":"Bukl",
    "sessionId":"P-f1f3ccd7-0fe9-4159-ab23-2eb33e42f512",
    "password":"12345",
    "identifierType":"MOBILE",
    "identifierValue":"18767431754"
}'

Response parameters

Parameter	Data Type	Description
status	object	Object containing status information.
- success	boolean	Boolean indicating the status of the request.
- code	integer	HTTP status code indicating the result. Example: 200 indicates success.
- message	string	Message describing the status of the request.
auth	object	Object containing authentication details.
- token	string	String representing the authentication token. By default, the token is valid for 15 minutes.
- key	string	String representing the authentication key.
identifiers	object	Object containing identifier details.
- identifierList	string	List of identifiers.
user	object	Object containing user details.
- appRegistered	boolean	Indicates if the user is registered in the app.
- sessionId	string	Session ID for MFA flow. The session ID is valid for 15 minutes by default.
- role	string	Indicates the user's role. Example: VIEW, USER.
- userRegisteredForPassword	boolean	Indicates if the user is registered for a password.

{
    "status": {
        "success": true,
        "code": 200,
        "message": "SUCCESS"
    },
    "auth": {
        "token": "eyJpZHYiOlsiTU9CSUxFfDE4NzY3NDMxNzU0Il0sImRldiI6IjEyMzQiLCJvcmciOiJCVUtMIiwiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOiIxNzgwNzc2IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsImlzYyI6ImZhbHNlIiwib2djIjpbIjEwMDQ1OHxidWtsLmluZC5zb2x1dGlvbiJdLCJleHAiOjE3MTY5NzgzNjEsImlhdCI6MTcxNjk3NzQ2MSwicm9sIjoiVVNFUiJ9.8_qJ7TFcGUQEbsvRHMQ8fosX9Vwn0UUkFLqtH5tOcQ4",
        "key": "eyJpZHYiOlsiTU9CSUxFfDE4NzY3NDMxNzU0Il0sImRldiI6IjEyMzQiLCJvcmciOiJCVUtMIiwiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOiIxNzgwNzc2IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsIm1mYSI6dHJ1ZSwiaWF0IjoxNzE2OTYyNTU3LCJyb2wiOiJBVVRIIn0.89CmFeLl_zfUBuv2Ea4eQIc3Wy8fJzlcRQad8UcqK-4"
    },
    "identifiers": {
        "identifierList": null
    },
    "user": {
        "appRegistered": false,
        "sessionId": null,
        "role": "USER",
        "userRegisteredForPassword": true
    }
}