Security questions#

Checking for a question#

Method

GET https://login.company.com/blitz/api/v3/users/{subjectId}/secQsn

Checking whether the user has a security question.

Required permissions: blitz_api_usec or blitz_api_sys_usec.

Returns

  • If the security question is asked - the text of the security question.

  • If the security question is not asked - 404 Not Found.

Example

GET /blitz/api/v3/users/d2580c98-e584-4aad-a591-97a8cf45cd2a/secQsn HTTP/1.1
Authorization: Bearer cNwIXatB0wk5ZHO0xG5kxuuLubesWcb_yPPqLOFWDuwzMDc0Nz
Cache-Control: no-cache

{
    "question": "Как звали вашего первого питомца"
}

Checking the answer#

Method

POST https://login.company.com/blitz/api/v3/users/{subjectId}/secQsn/check

Checking the correctness of the answer to the security question.

Required permissions: blitz_api_usec or blitz_api_sys_usec.

Request body

A security question (question) and the answer to it (answer).

Returns

  • In case of successful verification of the question and response - 204 No Content.

  • Otherwise - 400 Bad request.

Example

POST /blitz/api/v3/users/d2580c98-e584-4aad-a591-97a8cf45cd2a/secQsn/check HTTP/1.1
Authorization: Bearer cNwIXatB0wk5ZHO0xG5kxuuLubesWcb_yPPqLOFWDuwzMDc0Nz
Content-Type: application/json
X-Forwarded-For: 200.200.100.100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5)…

{
    "question": "Как звали вашего первого питомца",
    "answer": "Тигр"
}
The security question did not match#
{
    "type": "process_error",
    "error": "wrong_security_answer",
    "desc": "security question not match"
}
The answer to the security question did not match#
{
    "type": "process_error",
    "error": "wrong_security_answer",
    "desc": "security answer not match"
}
The user’s security question is not set#
{
    "type": "process_error",
    "error": "wrong_security_answer",
    "desc": "security question not found"
}

Setting or changing a question#

Method

POST https://login.company.com/blitz/api/v3/users/{subjectId}/secQsn

Setting or changing the user’s security question.

Required permissions: blitz_api_sys_usec_chg or blitz_api_sys_usec_chg.

Request body

A security question (question) and the answer to it (answer).

Returns

In case of successful setting of the security question - 204 No Content.

Request example#
POST /blitz/api/v3/users/d2580c98-e584-4aad-a591-97a8cf45cd2a/secQsn HTTP/1.1
Authorization: Bearer cNwIXatB0wk5ZHO0xG5kxuuLubesWcb_yPPqLOFWDuwzMDc0Nz
Content-Type: application/json
X-Forwarded-For: 200.200.100.100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5)…

{
    "question": "Как звали вашего первого питомца",
    "answer": "Тигр"
}

Deleting a question#

Method

DELETE https://login.company.com/blitz/api/v3/users/{subjectId}/secQsn

Deleting the security question from the user’s account.

Required permissions: blitz_api_usec_chg``or ``blitz_api_sys_usec_chg.

Returns

If successful - 204 No Content.

Request example#
DELETE /blitz/api/v3/users/d2580c98-e584-4aad-a591-97a8cf45cd2a/secQsn HTTP/1.1
Authorization: Bearer cNwIXatB0wk5ZHO0xG5kxuuLubesWcb_yPPqLOFWDuwzMDc0Nz
X-Forwarded-For: 200.200.100.100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5)…