REST API for Multifactor Authentication One Time PIN in Oracle Access Manager

Validate user provided OTP/TOTP code

post

/oam/services/rest/auth/api/v1/mfa/validateOTP

Validates a user provided OTP/TOTP code against stored code generated by call to createOTP API. Configuration details can be found in OAM Admin Guide - Configuring the Adaptive Authentication Plug-in in the Oracle Access Management Console

Request

Supported Media Types

application/json
application/xml

Validate OTP request

Root Schema : ValidateOTPRequest

Type: object

Show Source

appName(required): string

Name defining calling app.
correlationId(required): string

CorrelationId returned by createOTP api.
deliveryChannel: string

Channel used for delivery of OTP. Only required if validating TOTP.
idStore: string

Identity Store Reference to find supplied user.
otpCode(required): string

User entered otp code to be validated.
sessionId: string

SessionId associated with OTP generation.
userId(required): string

Username of user to generate OTP code for.

{
    "type":"object",
    "required":[
        "userId",
        "correlationId",
        "otpCode",
        "appName"
    ],
    "properties":{
        "userId":{
            "description":"Username of user to generate OTP code for.",
            "type":"string"
        },
        "correlationId":{
            "description":"CorrelationId returned by createOTP api.",
            "type":"string"
        },
        "otpCode":{
            "description":"User entered otp code to be validated.",
            "type":"string"
        },
        "appName":{
            "description":"Name defining calling app.",
            "type":"string"
        },
        "sessionId":{
            "description":"SessionId associated with OTP generation.",
            "type":"string"
        },
        "deliveryChannel":{
            "description":"Channel used for delivery of OTP. Only required if validating TOTP.",
            "type":"string"
        },
        "idStore":{
            "description":"Identity Store Reference to find supplied user.",
            "type":"string"
        }
    }
}

Response

Supported Media Types

application/json
application/xml

200 Response

Successful

Root Schema : ValidateOTPResponse

Type: object

Show Source

message: string

Message describing error, if any.
minorCode: string

Minor code indicating error details.
resultCode: string

Response code indicating success (0) or error.

{
    "properties":{
        "resultCode":{
            "type":"string",
            "description":"Response code indicating success (0) or error."
        },
        "minorCode":{
            "type":"string",
            "description":"Minor code indicating error details."
        },
        "message":{
            "type":"string",
            "description":"Message describing error, if any."
        }
    }
}

401 Response

Unauthorized

404 Response

Requested entity not found

422 Response

Unprocessable Entity

Root Schema : ValidateOTPResponse

Type: object

Show Source

message: string

Message describing error, if any.
minorCode: string

Minor code indicating error details.
resultCode: string

Response code indicating success (0) or error.

{
    "properties":{
        "resultCode":{
            "type":"string",
            "description":"Response code indicating success (0) or error."
        },
        "minorCode":{
            "type":"string",
            "description":"Minor code indicating error details."
        },
        "message":{
            "type":"string",
            "description":"Message describing error, if any."
        }
    }
}

424 Response

Failed Dependency

Root Schema : ValidateOTPResponse

Type: object

Show Source

message: string

Message describing error, if any.
minorCode: string

Minor code indicating error details.
resultCode: string

Response code indicating success (0) or error.

{
    "properties":{
        "resultCode":{
            "type":"string",
            "description":"Response code indicating success (0) or error."
        },
        "minorCode":{
            "type":"string",
            "description":"Minor code indicating error details."
        },
        "message":{
            "type":"string",
            "description":"Message describing error, if any."
        }
    }
}

500 Response

Internal Server Error

Root Schema : ValidateOTPResponse

Type: object

Show Source

message: string

Message describing error, if any.
minorCode: string

Minor code indicating error details.
resultCode: string

Response code indicating success (0) or error.

{
    "properties":{
        "resultCode":{
            "type":"string",
            "description":"Response code indicating success (0) or error."
        },
        "minorCode":{
            "type":"string",
            "description":"Minor code indicating error details."
        },
        "message":{
            "type":"string",
            "description":"Message describing error, if any."
        }
    }
}