User management
CREATE USER
This API can be used to do user registrations from mobile applications. You should send
request body parameters in JSON format.
Request
[POST] https://login.xecurify.com/moas/rest/oauth/users/registerRequest header:
Authorization: Basic Base64ValueOf(CLIENT_ID+”:”+CLIENT_SECRET)
Content-Type: application/jsonRequest Body (JSON format):
{
"customerKey" : "1",
"email" : "<user-email>",
"phone" : "<mobile-number-with-country-code>",
"firstName" : "<first-name>",
"lastName" : "<last-name>",
“password” : “<password>”,
'customAttribute1' => '',
'customAttribute2' => '',
'customAttribute3' => '',
'customAttribute4' => '',
'customAttribute5' => ''
}Response
Success Response Example:
{
"Status":"SUCCESS",
"txId":"f24beffc-8d6b-11e8-913b-40b03405cc4f",
"action":"SMS",
"message":"OTP has been sent to xxxxxxxxxxx42. Please verify your phone with OTP you received."
}Error Response Example:
{
"status":"FAILED",
"message":"User already exists with this email."
}VERIFY USER
Request
[POST] https://login.xecurify.com/moas/rest/oauth/users/activateRequest headers:
Authorization: Basic Base64ValueOf(CLIENT_ID+”:”+CLIENT_SECRET)
Content-Type: application/x-www-form-urlencodedRequest Parameters:
{
"txId": "Received from step (a) above",
"otp": "One time password received on mobile number"
}Response
Success Response Example:
{
"Status":"SUCCESS",
"message":"User account is activated."
}Error Response Example:
{
"Status":"FAILED",
"txId":"f24beffc-8d6b-11e8-913b-40b03405cc4f",
"message":"Invalid One Time Passcode provided."
}RESEND OTP
[POST] https://login.xecurify.com/moas/rest/oauth/users/register/resendotpRequest headers:
Authorization: Basic Base64ValueOf(CLIENT_ID+”:”+CLIENT_SECRET)
Content-Type: application/x-www-form-urlencodedRequest Parameters:
txId=<Received from step (a) above>Response
{
"txId":"207f2ad0-da94-11e8-a05f-02b039385610",
"action":"SMS",
"message":"OTP has been sent to xxxxxxxxxxx42. Please verify your phone with OTP you received.","status":"SUCCESS"
}GET USERS PROFILE
This API can be used to fetch updated profile information with access token which was assigned
to the user.
[GET] https://login.xecurify.com/moas/rest/oauth/getuserinfoRequest header:
Authorization: Bearer <access-token-value>Response:
User attributes JSON
RESET USER PASSWORD
This API can be used to do password reset from mobile applications. You should provide
current password and new password in API request.
Request
[POST] https://login.xecurify.com/moas/rest/oauth/users/resetpasswordRequest header:
Authorization: Bearer <access-token-value>
Content-Type: application/x-www-form-urlencodedRequest Parameters:
currentPassword=<users-current-password>&newPassword=<users-new-password>Response
Success Response Example:
{
"status":"SUCCESS",
"message":"Password has been updated for the user."
}Error Response Example:
{
"status":"FAILED",
"message":"The current password provided is not correct."
}UPDATE USER PROFILE API
Update user profile attributes
This API can be used to update user profile attributes.
[POST] https://login.xecurify.com/moas/rest/oauth/users/updateRequest header:
Authorization: Bearer <access-token-value>
Content-Type: application/jsonRequest Body (JSON format):
{
"customerKey" : "1",
"username" : "<username>",
"firstName" : "<first-name>",
"lastName" : "<last-name>”,
'customAttribute1' => '<custom-attribute-1>'
'customAttribute2' => '<custom-attribute-2>'
'customAttribute3' => '<custom-attribute-3>'
'customAttribute4' => '<custom-attribute-4>'
}Update user email with OTP verification
This API can be used to update user’s email address after verifying new email with OTP.
-
Request for email update
[POST] https://login.xecurify.com/moas/rest/oauth/users/update/emailRequest header:
Authorization: Bearer <access-token-value> Content-Type: application/x-www-form-urlencodedRequest Parameters:
newEmail=<users-new-email>Sample Response:
{ "txId":"b50dac18-9357-11e8-8ad5-40b03405cc4f", "message":"An OTP has been sent to txxxxxxx4@mxxxxxxxxx.in.", "status":"SUCCESS" } -
Verify OTP
[POST] https://login.xecurify.com/moas/rest/oauth/users/update/email/verifyRequest header:
Authorization: Bearer <access-token-value> Content-Type: application/x-www-form-urlencodedRequest Parameters:
Parameter Value txId transaction ID from request (1) above otp OTP received on new email Sample Response:
{ "message":"Email is updated successfully.", "status":"SUCCESS" }
Update user phone with OTP verification
This API can be used to update user’s phone number after verifying new phone with OTP.
-
Request for phone update
[POST] https://login.xecurify.com/moas/rest/oauth/users/update/phoneRequest header:
Authorization: Bearer <access-token-value> Content-Type: application/x-www-form-urlencodedRequest Parameters:
newPhone=<users-new-phone>Sample Response:
{ "txId":"ba5cebb9-9362-11e8-8439-40b03405cc4f", "message":"An OTP has been sent to xxxxxxxxxxx42.", "status":"SUCCESS" } -
Verify OTP
[POST] https://login.xecurify.com/moas/rest/oauth/users/update/phone/verifyRequest header:
Authorization: Bearer <access-token-value> Content-Type: application/x-www-form-urlencodedRequest Parameters:
Parameter Value txId transaction ID from request (1) above otp OTP received on new phone Sample Response:
{ "message":"Phone Number is updated successfully.", "status":"SUCCESS" }
FORGOT PASSWORD API
This API can be used to reset password for the user either with PHONE or EMAIL as per users
preference.
Select Preferred method to reset password
[POST] https://login.xecurify.com/moas/rest/oauth/users/forgotpasswordRequest header:
Authorization: Basic Base64ValueOf(CLIENT_ID+”:”+CLIENT_SECRET)
Content-Type: application/x-www-form-urlencodedRequest Parameters:
| Parameter | Value |
|---|---|
| userName | User’s email or phone |
| preferredMethod | SMS or EMAIL |
Response:
{
"Status":"SUCCESS",
"txId":"48c38889-8cea-11e8-ac43-40b03405cc4f",
"action":"SMS",
"message":"OTP has been sent to xxxxxxxxxxx42. Please verify your phone with OTP you received."
}{
"Status":"SUCCESS",
"txId":"d713e03d-8cea-11e8-ac43-40b03405cc4f",
"action":"EMAIL",
"message":"An email has been sent to rxxxxxxx1@mxxxxxxxxx.in. Please verify your email address with the link provided."
}Verify OTP
[POST] https://login.xecurify.com/moas/rest/oauth/users/forgotpassword/verifyotpRequest header:
Authorization: Basic Base64ValueOf(CLIENT_ID+”:”+CLIENT_SECRET)
Content-Type: application/x-www-form-urlencodedRequest Parameters:
| Parameter | Value |
|---|---|
| txId | transaction ID from above request |
| otp | OTP received on new email |
Sample Response:
{
"message":"Email is updated successfully.",
"status":"SUCCESS",
"token": "ac11cebb-9360-11e8-8433-38b03404cc4f"
}Set New Password
[POST] https://login.xecurify.com/moas/rest/oauth/users/setpasswordRequest headers:
Authorization: Basic Base64ValueOf(CLIENT_ID+”:”+CLIENT_SECRET)
Content-Type: application/x-www-form-urlencodedRequest Parameters:
| Parameter | Value |
|---|---|
| token | One time token received from Verify OTP operation above |
| password | New password |
| confirmPassword | Confirm password |
Sample Response:
Error Sample Responses:
{
"Status":"FAILED",
"message":"Invalid Token Details.",
"token" :"d713e03d-8cea-11e8-ac43-40b03405cc4f"
}{
"status":"FAILED",
"message":"Password does not match the confirm password. Type both passwords again."
}Success Sample Response:
{
"status":"SUCCESS",
"message":"Password has been updated for the user."
}