Security questions

Checking for a question

Method

GET https://login.company.com/blitz/api/v3/users/{subjectId}/secQsn

Checking whether the user has a security question.

Required permissions: blitz_api_usec or blitz_api_sys_usec.

Returns

• If the security question is asked - the text of the security question.

• If the security question is not asked - 404 Not Found.

Example

Request

GET /blitz/api/v3/users/d2580c98-e584-4aad-a591-97a8cf45cd2a/secQsn HTTP/1.1
Authorization: Bearer cNwIXatB0wk5ZHO0xG5kxuuLubesWcb_yPPqLOFWDuwzMDc0Nz
Cache-Control: no-cache

Response

{
    "question": "Как звали вашего первого питомца"
}

Checking the answer

Method

POST https://login.company.com/blitz/api/v3/users/{subjectId}/secQsn/check

Checking the correctness of the answer to the security question.

Required permissions: blitz_api_usec or blitz_api_sys_usec.

Request body

A security question (question) and the answer to it (answer).

Returns

• In case of successful verification of the question and response - 204 No Content.

• Otherwise - 400 Bad request.

Example

Request

POST /blitz/api/v3/users/d2580c98-e584-4aad-a591-97a8cf45cd2a/secQsn/check HTTP/1.1
Authorization: Bearer cNwIXatB0wk5ZHO0xG5kxuuLubesWcb_yPPqLOFWDuwzMDc0Nz
Content-Type: application/json
X-Forwarded-For: 200.200.100.100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5)…

{
    "question": "Как звали вашего первого питомца",
    "answer": "Тигр"
}

Error

The security question did not match

{
    "type": "process_error",
    "error": "wrong_security_answer",
    "desc": "security question not match"
}

The answer to the security question did not match

{
    "type": "process_error",
    "error": "wrong_security_answer",
    "desc": "security answer not match"
}

The user’s security question is not set

{
    "type": "process_error",
    "error": "wrong_security_answer",
    "desc": "security question not found"
}

Setting or changing a question

Method

POST https://login.company.com/blitz/api/v3/users/{subjectId}/secQsn

Setting or changing the user’s security question.

Required permissions: blitz_api_sys_usec_chg or blitz_api_sys_usec_chg.

Request body

A security question (question) and the answer to it (answer).

Returns

In case of successful setting of the security question - 204 No Content.

Request example

POST /blitz/api/v3/users/d2580c98-e584-4aad-a591-97a8cf45cd2a/secQsn HTTP/1.1
Authorization: Bearer cNwIXatB0wk5ZHO0xG5kxuuLubesWcb_yPPqLOFWDuwzMDc0Nz
Content-Type: application/json
X-Forwarded-For: 200.200.100.100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5)…

{
    "question": "Как звали вашего первого питомца",
    "answer": "Тигр"
}

Deleting a question

Method

DELETE https://login.company.com/blitz/api/v3/users/{subjectId}/secQsn

Deleting the security question from the user’s account.

Required permissions: blitz_api_usec_chg``or ``blitz_api_sys_usec_chg.

Returns

If successful - 204 No Content.

Request example

DELETE /blitz/api/v3/users/d2580c98-e584-4aad-a591-97a8cf45cd2a/secQsn HTTP/1.1
Authorization: Bearer cNwIXatB0wk5ZHO0xG5kxuuLubesWcb_yPPqLOFWDuwzMDc0Nz
X-Forwarded-For: 200.200.100.100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5)…