Authentication API for Web Integration
The document explains authentication using BSA API. Below is the list of API calls
- Authentication Request
- Check Authentication Request
- Check Authentication Result
- Cancel Authentication Request
- Get User Information
Important:
Please note that listed API above a~c is the order of authentication API calls. The sequence is the same except for the Authentication Request as it has 4 types. Client Key as per provide in the registration email.
Below are the 4 types of BSA Authentication method
- Authentication using User ID
- Authenctication using QR
- Authentication using OTP
- Authentication using TOTP
Important:
Kindly note that there will be slightly different on the API calls for OTP and TOTP authentication method.
1. Authentication using user ID
a. Authentication Request
To request authentication API
POST
https://api.fnsbsa.com/api/v3/authHeader
| Field | Description |
|---|---|
| Content-Type | Application/json |
Parameter
| Field | Type | Description |
|---|---|---|
| clientKey | String | Client Key |
| userKey | String | Username/ user ID |
| isOtpAuth | Boolean | False (normal authentication) |
| authPlatform | String | CMMAPF001 (Default) |
Example
js
{
"clientKey":"Insert your clientKey",
"userKey":"User ID",
"isOtpAuth": false,
"authPlatform":"CMMAPF001"
}Return
| Field | Type | Description |
|---|---|---|
| rtCode | Integer | Successful Return Code 0 |
| channelKey | String | Channel Key |
| userKey | String | User ID |
| connectIP | String | Connected IP address user |
| authTimeRemaining | String | Authentication Time |
| iconBaseValue | String | Authentication Type |
| fingerBaseValue | String | Authentication Type |
Sample Response
js
{
"rtCode": 0,
"data": {
"userKey": "User ID",
"channelKey": "zVAzb {Omit long characters} JnqI6+==",
"connectIp": "0:0:0:0:0:0:0:1",
"authTimeRemaining": 30000,
"iconBaseValue": 2,
"fingerBaseValue": 3
}
}b. Check Authentication Status
To check Authentication Status
Get
https://api.fnsbsa.com/api/v3/app/websocketHeader
| Field | Description |
|---|---|
| Content-Type | Application/json |
Parameter
| Field | Type | Description |
|---|---|---|
| channelKey | String | Channel Key |
| clientKey | String | Client Key |
| userKey | String | User ID |
Example
wss://api.fnsbsa.com/ws/v3/app/websocket?clientKey={Insert your clientKey}&userKey={User ID}&channelKey=zVAzb {Omit long characters} JnqI6+==Return
| Field | Type | Description |
|---|---|---|
| rtCode | Integer | Successful Return Code 0 |
| message | String | Result Message |
| userStatus | String | Authentication Status Code |
Sample Response
js
{
"rtCode": 0,
"data": {
"message": "success code",
"userStatus": "AuthCompleted"
}
}c. Get Authentication Result
To get Authentication Result
GET
https://api.fnsbsa.com/api/v3/authHeader
| Field | Description |
|---|---|
| Content-Type | Application/json |
Parameter
| Field | Type | Description |
|---|---|---|
| channelKey | String | Channel Key (Encoded) |
| clientKey | String | Client Key |
| userKey | String | User ID |
example
https://api.fnsbsa.com/api/v3/auth?clientKey={Insert your clientKey}&userKey={User ID}&channelKey=zVAzb {Omit long characters} JnqI6+==Sample Response
js
{
"rtCode": 0,
"data": "eyJhbGciOiJI {Token} AUkA5g"
}Return
| Field | Type | Description |
|---|---|---|
| rtCode | Integer | Successful Return Code 0 |
| data | String | BSA Success Token Value |
Sample response
js
{
"rtCode": 0,
"data": "eyJhbGciOiJI {Token} AUkA5g"
}2. Authentication using QR
a. Authentication Request
To request Authentication API.
POST
https://api.fnsbsa.com/api/v3/qr/generate?clientKey={Insert your clientKey}&authPlatform=CMMAPF001Header
| Field | Description |
|---|---|
| Content-Type | Application/json |
Parameter
| Field | Type | Description |
|---|---|---|
| clientKey | String | Client Key |
| authPlatform | String | CMMAPF001 (default) |
example
js
{
"clientKey":"Insert your clientKey",
"authPlatform":"CMMAPF001",
}Return
| Field | Type | Description |
|---|---|---|
| rtCode | Integer | Successful Return Code 0 |
| data | String | BSA Success Token Value |
| qrId | String | QR unique ID |
| qrUrl | String | QR URL |
Sample response
js
{
"rtCode": 0,
"data": {
"qrId": "0f75a8f2-{Omit long characters}",
"qrUrl": "otpauth://totp/{Insert your clientKey}&platform=CMMAPF001{Omit long characters}",
}
}b. Check Authentication Status
To check Authentication Status
GET
https://api.fnsbsa.com/api/v3/app/qr/websocket?qrId={Insert your qrId}Parameter
| Field | Type | Description |
|---|---|---|
| qrId | String | QR unique ID |
Example
wss://api.fnsbsa.com/ws/v3/app/qr/websocket?qrId={Insert your qrId}Return
| Field | Type | Description |
|---|---|---|
| rtCode | Integer | Successful Return Code 0 |
| message | String | Result Message |
| userStatus | String | Authentication Status Code |
Sample Response
js
{
"rtCode": 0,
"data": {
"message": "success code",
"userStatus": "AuthCompleted"
}
}c. Get Authentication Result
To get Authentication Result
GET
https://api.fnsbsa.com/api/v3/authHeader
| Field | Description |
|---|---|
| Content-Type | Application/json |
Parameter
| Field | Type | Description |
|---|---|---|
| channelKey | String | Channel Key |
| clientKey | String | Client Key |
| userKey | String | User ID |
Example
https://api.fnsbsa.com/api/v3/auth?clientKey={Insert your clientKey}&userKey={User ID}&channelKey=zVAzb {Omit long characters} JnqI6+==Return
| Field | Type | Description |
|---|---|---|
| rtCode | Integer | Successful Return Code 0 |
| data | String | BSA Token Value |
Sample Response
js
{
"rtCode": 0,
"data": "eyJhbGciOiJI {Token} AUkA5g"
}3. Authentication Using OTP
a. Authentication Request
To get Authentication Result
POST
https://api.fnsbsa.com/api/v3/qr/generate?clientKey={Insert your clientKey}&authPlatform=CMMAPF001Header
| Field | Description |
|---|---|
| Content-Type | Application/json |
Parameter
| Field | Type | Description |
|---|---|---|
| clientKey | String | Client Key |
| userKey | String | User ID |
| isOtpAuth | Boolean | True |
| authPlatform | String | CMMAPF001 (default) |
example
js
{
"clientKey":"Insert your clientKey",
"userKey":"User ID",
"isOtpAuth": true,
"authPlatform":"CMMAPF001",
}Return
| Field | Type | Description |
|---|---|---|
| rtCode | Integer | Successful Return Code 0 |
| channelKey | String | Channel Key |
| userKey | String | userID |
| connectIP | String | Connected IP Address user |
| authTimeRemaining | String | Authentcation Time |
| iconBaseValue | String | Authentication Type |
| fingerBaseValue | String | Authentication Type |
Sample response
js
{
"rtCode": 0,
"data": {
"userKey": "User ID",
"channelKey": "zVAzb {Omit long characters} JnqI6+==",
"connectIp": "0:0:0:0:0:0:0:1",
"authTimeRemaining": 30000,
"iconBaseValue": 2,
"fingerBaseValue": 3
}
}b. Check Authentication Status
To Check Authentication Status
GET
https://api.fnsbsa.com/api/v3/app/websocketParameter
| Field | Type | Description |
|---|---|---|
| channelKey | String | Channel Key |
| clientKey | String | Client Key |
| userKey | String | User ID |
Example
wss://api.fnsbsa.com/ws/v3/app/websocket?clientKey={Insert your clientKey}&userKey={Insert you userkey}&channelKey=zVAzb {Omit long characters} JnqI6+==Return
| Field | Type | Description |
|---|---|---|
| rtCode | Integer | Successful Return Code 0 |
| message | String | Result Message |
| userStatus | String | Authentication Status Code |
Sample Response
js
{
"rtCode": 0,
"data": {
"message": "success code",
"userStatus": "AuthCompleted"
}
}c. Verify the OTP
To verify the OTP
POST
https://api.fnsbsa.com/api/v3/otp/user/verifyParameter
| Field | Type | Description |
|---|---|---|
| clientKey | String | Client Key |
| userKey | String | User ID |
| otpCode | String | 6-digit OTP Code |
| authPlatform | String | CMMAPF001 (default) |
Example
js
{
"clientKey":"Request your clientkey from admin",
"otpCode":"898448",
"userKey":"User ID ",
"authPlatform":"CMMAPF001"
}Return
| Field | Type | Description |
|---|---|---|
| rtCode | Integer | Successful Return Code 0 |
| data | String | BSA Token Value |
Sample Response
js
{
"rtCode": 0,
"data": "eyJhbGciOiJI {Token} AUkA5g"
}4. Authentication using TOTP
a.Authentication Request
To request Authentication API
POST
https://api.fnsbsa.com/api/v3/totp/user/verifyHeader
| Field | Description |
|---|---|
| Content-Type | Application/json |
Parameter
| Field | Type | Description |
|---|---|---|
| clientKey | String | Client Key |
| userKey | String | User ID |
| otpCode | String | 6-digit OTP Code |
| authPlatform | String | CMMAPF001 (Default) |
Example
js
{
"clientKey":"Insert your clientKey",
"userKey":"User ID ",
"otpCode": 134625,
"authPlatform":"CMMAPF001"
}Return
| Field | Type | Description |
|---|---|---|
| rtCode | Integer | Successful Return Code 0 |
| data | String | BSA Success Token Value |
Sample Response
js
{
"rtCode": 0,
"data": "eyJhbGciOiJI {Token} AUkA5g"
}d. Cancel Authentication
DELETE
https://api.fnsbsa.com/api/v3/authHeader
| Field | Description |
|---|---|
| Content-Type | Application/json |
Parameter
| Field | Type | Description |
|---|---|---|
| clientKey | String | Client Key |
| userKey | String | User ID |
Example
js
{
"clientKey": “{Insert your clientKey}”,
"userKey": "User ID"
}Return
| Field | Type | Description |
|---|---|---|
| rtCode | String | Successful Return Code 0 |
Sample Response
js
{
"rtCode":0
}e. View User BSA Information
This API is to get user information. This API may be called once successful and completed.
GET
https://api.fnsbsa.com/api/v3/meHeader
| Field | Description |
|---|---|
| Authorization | Token, Access Token Value |
Return
| Field | Type | Description |
|---|---|---|
| rtCode | String | Successful Return Code 0 |
| data | String | userKey, clientKey, clientName, userType, userStatus, email, registerDate |
Sample Response
js
{
"rtCode": 0,
"data": {
"userKey": "User ID",
"clientKey":"d05a73e73acb43b888c9554b90675c63",
"clientName": "exampleClient",
"userStatus": "CMMMST001",
"userType": "CMMMCL001",
"name": "your-name",
"email": "developer@exampleClient.com",
"authType": 1,
"regDt": "20230201 10:45:02.00 +0000"
}
}