Docs
  • Get Started with Up2 MoneyπŸš€
  • πŸ”Authentication
    • Get Started
    • Login with password
  • πŸ’³Card issuing
    • POST - Create Cards
    • GET - All Cards
    • GET - Card Status
    • POST - Activate Card (Physical)
    • POST - Block Card
    • POST - Unblock Card
    • GET - Card Limit
    • GET - Card Balance
    • GET - Card Transactions
    • PUT - Update Card Limit
    • POST - Step up
    • POST - Verify Step up
  • API - Payment Gateway
    • Integration Reference
    • Orders and operation paradigm
    • Workflows
    • API overview
    • Additional capabilities
    • Actions
    • Testing
  • HELP πŸ™
    • Country coverage
    • Vulnerability disclosure
    • Contact us
    • Changelog
Powered by GitBook
On this page
  • End point
  • Headers
  • Payload
  • Sample Request
  • Sample Response
  • Response Status
  1. Card issuing

POST - Step up

Issue a one-time password that can be used to step-up a token, then run the Step up verify api to validate your stepup.

Last updated 1 year ago

Initiates the step-up token process by sending an SMS with an one-time-password to a device belonging to the logged-in user that was previously enrolled through https:///api.up.money/cards/limits/{cardId}/send-otp endpoint.

This process is required for endpoints that require a step-up token to complete the call.

Note that on the Sandbox Environment, text messages are not sent and the one-time-password is always "123456".

End point

https://api.up.money/auth/stepup/send-otp

Headers

Security

REQUEST BODY SCHEMA: application/json

API SECRET: x-secret

Add YWJjMTIzIQ== in x-secret in headers.

Header parameter name: x-secret

HTTP: Authorization-key

The authentication token representing the user. This will be included in the login response object as token.

Header parameter name: Authorization-key

Payload

{
    "type": "SMS" // Optional by default SMS will be used
}

Sample Request

curl --location 'https://api.up2.money/auth/stepup/send-otp' \
--header 'x-secret: YWJjMTIzIQ==' \
--header 'Authorization-Key: YOUR_AUTHORIZATION_KEY' \
--header 'Content-Type: application/json' \
--data '{
    "channel": "SMS"
}'

Sample Response

No content

{
  "message": "string",
  "syntaxErrors": {
    "invalidFields": [
      {
        "params": [
          "string"
        ],
        "fieldName": "string",
        "error": "REQUIRED"
      }
    ]
  }
}

Response Status

204 Success - No Content.

400 Bad Request Error - Your request is invalid.

errorCode: Enum: "REQUIRED" "HAS_TEXT" "REQUIRES" "SIZE" "RANGE" "IN" "NOT_IN" "REGEX" "EXACTLY" "AT_LEAST" "AT_MOST" "ALL_OR_NONE"

401 Unauthorized - Your credentials or access token are invalid.

403 Forbidden - Access to the requested resource or action is forbidden.

404 Not found - The requested resource couldn't be found.

405 Method Not Allowed - The request was received but has been rejected for the requested resource.

409 Conflict

errorCode: Enum: "CHANNEL_NOT_SUPPORTED" "CHANNEL_NOT_REGISTERED" "MOBILE_NUMBER_INVALID" "MOBILE_COUNTRY_NOT_SUPPORTED"

429 Too many requests.

500 Internal Server Error - There is a problem with the server. Please try again later.

503 Service Unavailable - We're temporarily offline for maintenance. Please try again later.

πŸ’³
πŸ”
πŸ”