1. OAA Runtime API
  2. Tasks
  3. KBA

Associate and update questions with answers specific to user.

put

/oaa-kba/runtime/kba/v1/questions

The user is challenged with the active questions. Questions associated with users will be used during authentication to verify the user's identity. The answers provided are stored as the user private answer for the question. The user identity data must be present in the body of the put request. The user associations as well as the user answers with the provided questions alone will be updated. Questions with Active flag set to true are considered active and may be used for challenging the user subsequently. The user needs to activate at least one question per each choice of questions. The user may activate more than one question per choice based on the system property challenge.question.registration.maxcount.from.each.groups. By default, the user may be challenged by any one of the active questions during authentication. Since 12.2.1.4.1-20230630, this behavior may be overridden by the system property oracle.security.oaa.kba.challenge.number if the system has been configured with adequate active questions. If the OAA server is configured to challenge the user with multiple questions, the generated challenge will contain the multiple challenges as a string that contains the list of challenges separated by the value of the system property oracle.security.oaa.kba.challenge.separator. When the response to the challenge is presented to the OAA server, the response is also expected to be seperated by the same separator. By default, this separator is declared as '|' character. This may be overridden with any other character, or combination of characters that should not be used in the challenge or the response.

Request

There are no request parameters for this operation.

Supported Media Types
Request Body - application/xml ()
Root Schema : schema
Type: object
Show Source
Nested Schema : choices
Type: array
Show Source
Nested Schema : User
Type: object
Show Source
Nested Schema : Choice
Type: object
Show Source
Nested Schema : questions
Type: array
Show Source
Nested Schema : Question
Type: object
Show Source
Request Body - application/json ()
Root Schema : schema
Type: object
Show Source
Nested Schema : choices
Type: array
Show Source
Nested Schema : User
Type: object
Show Source
Nested Schema : Choice
Type: object
Show Source
Nested Schema : questions
Type: array
Show Source
Nested Schema : Question
Type: object
Show Source
Back to Top

Response

Supported Media Types

204 Response

Success

401 Response

Unauthorized
Body ()
Root Schema : KBAAPIResponse
Type: object
Show Source

415 Response

Content-Type header value is invalid or not accepted on the server
Body ()
Root Schema : KBAAPIResponse
Type: object
Show Source

422 Response

Unprocessable Entity. Failed to update user question data.
Body ()
Root Schema : KBAAPIResponse
Type: object
Show Source

500 Response

Server error.
Body ()
Root Schema : KBAAPIResponse
Type: object
Show Source
Back to Top

Examples

The following example shows a sample request and response for associating and updating questions with answers specific to a user.

cURL Command To Associate and Update Questions Specific to a User in JSON Format

curl --location --request PUT '<OAAService>/oaa-kba/runtime/kba/v1/questions' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \
--data '{
    "user": {
        "userid": "user1",
        "group": "financeapp",
        "uniqueUserId": "user1"
    },
     "choices": [
        {
            "questions": [
                {
                    "questionId": 3,
                    "question": "What was your birth weight?",
                    "active": true,
                    "answer": "3kg"
                },
                    {
                    "questionId": 13,
                    "question": "What is the most unusual job you have had?",
                    "active": true,
                    "answer": "lion tamer"
                },
                        {
                    "questionId": 16,
                    "question": "What year did you get your first job?",
                    "active": true,
                     "answer": "2000"
                }
            ]    
        }
}'

Sample Response in JSON Format

204 No Content

cURL Command to Verify a User's Identity in XML Format

curl --location --request PUT '<OAAService>/oaa-kba/runtime/kba/v1/questions' \
--header 'Content-Type: application/xml' \
--header 'Accept: application/xml' \
--header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \
--data '<?xml version="1.0" encoding="UTF-8" ?>
<UserQuestion>
<user>
  <userid>user1</userid>
  <group>financeapp</group>
  <uniqueUserId>user1</uniqueUserId>
</user>
<choices>
    <questions>
            <questionId>3</questionId>
            <question>What was your birth weight?</question>
            <answer>4kg</answer>
            <active>true</active>
    </questions>
	<questions>
            <questionId>13</questionId>
            <question>What is the most unusual job you have had?</question>
            <answer>lion tamer</answer>
            <active>true</active>
    </questions>
	<questions>
            <questionId>16</questionId>
            <question>What year did you get your first job?</question>
            <answer>2001</answer>
</choices>
</UserQuestion>

Sample Response in XML Format

204 No Content
Back to Top