OTP Request API

OTP Request logo

OTP Request API 1.0.0

0
No votes yet

This API allows the client to request for an OTP (One Time Password) to be generated and sent to the customer's registered mobile no. For validating the OTP entered by the customer on the client's mobile or web application, the OTP should be passed along with other parameters in the ValidateOTP operation. When the customer clicks on "Resend OTP" option on the App, the request should be sent to the RegenerateOTP operation.

AttachmentSize
Plain text icon Postman collection6.99 KB

Basepath

/v1

expand_moreexpand_lessContact information
API Developer
forum Discuss this API in the forum
production
development
https://sandboxapi.rakbank.ae/sb/api

Paths

/otp_request/{req_reference_no}/generate_and_send

post /otp_request/{req_reference_no}/generate_and_send

Generate OTP request

Request for an OTP to be generated and sent to customer's registered mobile number.

clientIdHeader
X-IBM-Client-Id
(apiKey located in header)
oauth
oauth
(oauth2 application)
Token URL
https://testapi.rakbank.ae/sb/api/v1/int_client_auth/token
Scopes
otp_request
To Request for a One-Time-Password
req_reference_no
Required in path
string

The transaction Reference No from the client.

{
    "maxLength": 30
}
MsgId
Required in header
string

Unique Id sent by the client. Value should be a unique identifier of the request in UUID format

{
    "maxLength": 50
}
generate_otp_request
Required in body
object

Request details to generate an OTP.

generate_otp_request
Content-Type
Optional in header
string
application/json
Accept
Optional in header
string
application/json
200

200 OK

generate_otp_response
401

Unauthorized

error_response
403

Forbidden

error_response
422

Invalid Request/Unprocessable Entity

error_response
500

Internal Server Error

error_response
Example Request
Example Response
POST https://sandboxapi.rakbank.ae/sb/api/v1/otp_request/{req_reference_no}/generate_and_send
Try this operation
https://sandboxapi.rakbank.ae/sb/api/v1/otp_request/{req_reference_no}/generate_and_send
content-type
accept
MsgId
req_reference_no

/otp_request/{req_reference_no}/regenerate_and_send

post /otp_request/{req_reference_no}/regenerate_and_send

Regenerate OTP request

Request for an OTP to be regenerated and sent to customer's registered mobile number.

clientIdHeader
X-IBM-Client-Id
(apiKey located in header)
oauth
oauth
(oauth2 application)
Token URL
https://testapi.rakbank.ae/sb/api/v1/int_client_auth/token
Scopes
otp_request
To Request for a One-Time-Password
req_reference_no
Required in path
string

The transaction Reference No from the client.

{
    "maxLength": 30
}
MsgId
Required in header
string

Unique Id sent by the client. Value should be a unique identifier of the request in UUID format

{
    "maxLength": 50
}
generate_otp_request
Required in body
object

Request details to regenerate OTP.

generate_otp_request
Content-Type
Optional in header
string
application/json
Accept
Optional in header
string
application/json
200

200 OK

generate_otp_response
401

Unauthorized

error_response
403

Forbidden

error_response
422

Invalid Request/Unprocessable Entity

error_response
500

Internal Server Error

error_response
Example Request
Example Response
POST https://sandboxapi.rakbank.ae/sb/api/v1/otp_request/{req_reference_no}/regenerate_and_send
Try this operation
https://sandboxapi.rakbank.ae/sb/api/v1/otp_request/{req_reference_no}/regenerate_and_send
content-type
accept
MsgId
req_reference_no

/otp_request/{req_reference_no}/validate

post /otp_request/{req_reference_no}/validate

Validate OTP request

This operation is used for validating the OTP entered by the customer on the client's mbile or web application. The OTP should be sent along with other details of the customer which must match the details that was sent while generating OTP.

clientIdHeader
X-IBM-Client-Id
(apiKey located in header)
oauth
oauth
(oauth2 application)
Token URL
https://testapi.rakbank.ae/sb/api/v1/int_client_auth/token
Scopes
otp_request
To Request for a One-Time-Password
MsgId
Required in header
string

Unique Id sent by the client. Value should be a unique identifier of the request in UUID format

{
    "maxLength": 50
}
req_reference_no
Required in path
string

The transaction Reference No from the client.

{
    "maxLength": 30
}
generate_otp_request
Required in body
object

Request details to regenerate OTP.

validate_otp_request
Content-Type
Optional in header
string
application/json
Accept
Optional in header
string
application/json
204

No Content

401

Unauthorized

error_response
403

Forbidden

error_response
422

Invalid Request/Unprocessable Entity

error_response
500

Internal Server Error

error_response
Example Request
Example Response
POST https://sandboxapi.rakbank.ae/sb/api/v1/otp_request/{req_reference_no}/validate
Try this operation
https://sandboxapi.rakbank.ae/sb/api/v1/otp_request/{req_reference_no}/validate
content-type
accept
MsgId
req_reference_no

Definitions

This is request body for the OTP Generation Operation.

{
    "type": "object",
    "properties": {
        "otp_type": {
            "type": "string",
            "maxLength": 50,
            "description": "This field will have the OTP Service name.",
            "enum": [
                "DigInvestmentAccount",
                "DigInvestmentCreditCard"
            ]
        },
        "to": {
            "$ref": "#/definitions/to"
        },
        "otp_metadata": {
            "$ref": "#/definitions/otp_metadata"
        }
    },
    "required": [
        "otp_type",
        "to",
        "otp_metadata"
    ]
}

This will contain the details of the remitter

{
    "properties": {
        "customer_id_type": {
            "type": "string",
            "enum": [
                "CIF_ID"
            ],
            "description": "Type of the Customer id of the customer to whom OTP needs to be sent. Allowed values - CIF_ID",
            "example": "CIF_ID"
        },
        "customer_id": {
            "type": "string",
            "maxLength": 15,
            "minLength": 1,
            "pattern": "^\\d+$",
            "example": 1234567,
            "description": "Customer id of the customer, corresponding to the customer_id_type to whom OTP needs to be sent."
        },
        "customer_type": {
            "type": "string",
            "maxLength": 1,
            "description": "This field will have the Customer Type for which the OTP request is being generated. Validation for OTP generation are based on Customer Type. Customer Type  R - Retail, S - SME and C - Corporate",
            "default": "R",
            "enum": [
                "C",
                "R",
                "S"
            ]
        }
    },
    "additionalProperties": false,
    "required": [
        "customer_id",
        "customer_id_type",
        "customer_type"
    ]
}

This field will have information which will be used for OTP generation, validation and re-generation depending upon the OTP Type.

{
    "type": "object",
    "properties": {
        "account_type": {
            "type": "string",
            "description": "This field should have the indicator for Customer's Creditcard No or Account No for which the OTP is being generated.",
            "enum": [
                "C",
                "A"
            ],
            "example": "C"
        },
        "account_id": {
            "type": "string",
            "maxLength": 16,
            "pattern": "^\\d+$",
            "example": 1234567890123,
            "description": "This field should have the Customer's Account No. It is mandatory in generate, regenerate and validate OTP operations for Account/Debit Card Payment."
        },
        "value": {
            "$ref": "#/definitions/value",
            "description": "This field should have the Amount."
        },
        "masked_credit_card": {
            "type": "string",
            "maxLength": 16,
            "pattern": "^\\d{0,4}\\*\\*\\*\\*\\*\\*\\*\\*\\d{0,4}$",
            "description": "This field should have masked Credit Card No. It is mandatory in generate, regenerate and validate OTP operations for Credit Card. Except for first 4 and last 4 digits of the card, all other digits should be passed as '*'.",
            "example": "5123********3225"
        }
    },
    "required": [
        "account_type",
        "value"
    ]
}

Amount details

{
    "properties": {
        "currency": {
            "type": "string",
            "maxLength": 3,
            "enum": [
                "AED",
                "USD"
            ],
            "description": "Currency",
            "example": "AED"
        },
        "amount": {
            "type": "string",
            "pattern": "^\\d{0,16}.\\d{0,3}$",
            "description": "Amount Value. Number (16,3). [ Mantissa (16), Decimal Precision (3), excluding dot]. Example: 50.05 AED",
            "example": 50.05
        }
    },
    "additionalProperties": false,
    "required": [
        "currency",
        "amount"
    ]
}
              
{
    "type": "object",
    "properties": {
        "otp_reference_no": {
            "type": "string",
            "description": "Reference number generated by bank for this request.",
            "maxLength": 256
        },
        "otp_generated_date": {
            "type": "string",
            "format": "date-time",
            "example": "2020-08-10T15:28:43.717Z",
            "description": "The OTP generated timestamp"
        },
        "otp_expiry_date": {
            "type": "string",
            "format": "date-time",
            "example": "2020-08-10T15:38:43.717Z",
            "description": "The expiry date and time for the OTP."
        }
    }
}

This is request body for the OTP Generation Operation.

{
    "type": "object",
    "properties": {
        "otp_type": {
            "type": "string",
            "maxLength": 50,
            "description": "This field will have the OTP Service name.",
            "enum": [
                "DigInvestmentAccount",
                "DigInvestmentCreditCard"
            ]
        },
        "to": {
            "$ref": "#/definitions/to"
        },
        "otp_metadata": {
            "$ref": "#/definitions/otp_metadata"
        },
        "otp": {
            "type": "string",
            "maxLength": 6,
            "description": "This field should have the OTP value which was sent to the customer. This field will be used during OTP Validation"
        }
    },
    "required": [
        "otp_type",
        "to",
        "otp",
        "otp_metadata"
    ]
}

Response in case of error

{
    "properties": {
        "status": {
            "type": "string",
            "description": "HTTP Status",
            "example": "422"
        },
        "response_code": {
            "type": "string",
            "description": "API specific error code",
            "example": "24001"
        },
        "property": {
            "type": "string"
        },
        "response_message": {
            "type": "string",
            "description": "brief type of the error",
            "example": "Business Exception"
        },
        "description": {
            "type": "string",
            "description": "detailed description of the error",
            "example": "OTP expired"
        }
    },
    "additionalProperties": false,
    "required": [
        "response_code",
        "status",
        "response_message"
    ]
}