This is an example API that uses Swagger to document its endpoints.
All operations with PIN code and biometric auth should be performed on the application side:
- PIN code should be created on first login
- If biometric auth wasn't successful, request PIN code input
- If the user provided a wrong PIN 3 times, call /logout
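The client-side rules above can be sketched as follows. This is an added example, not code from this API or its application: the `PinGate` class, the `logout` callback standing in for the call to /logout, the 4 to 8 digit PIN format and the salted PBKDF2 storage are all assumptions.

```python
import hashlib
import hmac
import secrets

MAX_PIN_FAILURES = 3  # from the page: after 3 wrong PINs, call /logout

class PinGate:
    """Client-side PIN check; the raw PIN is never stored or sent to the API."""

    def __init__(self, logout):
        self._logout = logout  # hypothetical callback that calls /logout
        self._salt = self._digest = None
        self.failures = 0  # a real app must persist this across restarts

    @staticmethod
    def _derive(pin, salt):
        # Assumed storage scheme: salted PBKDF2 instead of the plain PIN.
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

    def create_pin(self, pin):
        """Called once, on first login."""
        if not (pin.isdecimal() and 4 <= len(pin) <= 8):  # assumed PIN format
            raise ValueError("PIN must be 4 to 8 digits")
        self._salt = secrets.token_bytes(16)
        self._digest = self._derive(pin, self._salt)
        self.failures = 0

    def check_pin(self, pin):
        """Return 'unlocked', 'retry', or 'logged_out' for one PIN attempt."""
        if self._digest is None:
            raise RuntimeError("no PIN set; the user has to log in first")
        # compare_digest is constant-time, so timing does not leak the match.
        if hmac.compare_digest(self._derive(pin, self._salt), self._digest):
            self.failures = 0
            return "unlocked"
        self.failures += 1
        if self.failures >= MAX_PIN_FAILURES:
            self.failures = 0
            self._logout()  # third wrong PIN: revoke the session
            return "logged_out"
        return "retry"

    def unlock(self, biometric_ok, ask_pin):
        """Biometric first; if it failed, fall back to PIN prompts."""
        if biometric_ok:
            return "unlocked"
        while True:
            result = self.check_pin(ask_pin())
            if result != "retry":
                return result
```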
The API has the following endpoints:
- Base validation of username and password should be performed on the application side
- The Auth button should be inactive until the user has provided values for both fields
- If an error is received from the backend, the application should provide a button for password recovery
- PUT: Perform authorization
- Logout should be performed if the user could validate identity via passcode or couldn't pass biometric identification
- POST: Revoke authorization
- If the user forgot the password, he should be able to recover it via a request with login and a description in the comment field
- POST: Request password recovery
- If the user forgot the login too, he should be able to provide additional information, like birth date, via a request with a description in the comment field
- POST: Request login recovery
- The endpoint should return a welcome message; it would be used for promo, jokes, etc., without changes on the application side
- GET: Get welcome message
- GET: Get list of cards
- GET: Get card by ID
- POST: Block card
- GET: Get list of transactions
- GET: Get transaction by ID
- POST: Create transaction dispute
- GET: Get list of complaints
- POST: Create complaint
The API uses JWT authentication. To authenticate, send a POST request to /login with a username and password in the request body. This will return an access token that can be used to access protected endpoints.
To access protected endpoints, include the access token in the Authorization header of your requests.