Authentication API for Web Integration
The document explains authentication using BSA API. Below is the list of API calls
- Authentication Request
- Check Authentication Request
- Check Authentication Result
- Cancel Authentication Request
- Get User Information
Important:
Please note that listed API above a~c is the order of authentication API calls. The sequence is the same except for the Authentication Request as it has 4 types. Client Key as per provide in the registration email.
Below are the 4 types of BSA Authentication method
- Authentication using User ID
- Authenctication using QR
- Authentication using OTP
- Authentication using TOTP
Important:
Kindly note that there will be slightly different on the API calls for OTP and TOTP authentication method.
1. Authentication using user ID
a. Authentication Request
To request authentication API
POST
https://api.fnsbsa.com/api/v3/auth
Header
Field | Description |
---|---|
Content-Type | Application/json |
Parameter
Field | Type | Description |
---|---|---|
clientKey | String | Client Key |
userKey | String | Username/ user ID |
isOtpAuth | Boolean | False (normal authentication) |
authPlatform | String | CMMAPF001 (Default) |
Example
{
"clientKey":"Insert your clientKey",
"userKey":"User ID",
"isOtpAuth": false,
"authPlatform":"CMMAPF001"
}
Return
Field | Type | Description |
---|---|---|
rtCode | Integer | Successful Return Code 0 |
channelKey | String | Channel Key |
userKey | String | User ID |
connectIP | String | Connected IP address user |
authTimeRemaining | String | Authentication Time |
iconBaseValue | String | Authentication Type |
fingerBaseValue | String | Authentication Type |
Sample Response
{
"rtCode": 0,
"data": {
"userKey": "User ID",
"channelKey": "zVAzb {Omit long characters} JnqI6+==",
"connectIp": "0:0:0:0:0:0:0:1",
"authTimeRemaining": 30000,
"iconBaseValue": 2,
"fingerBaseValue": 3
}
}
b. Check Authentication Status
To check Authentication Status
Get
https://api.fnsbsa.com/api/v3/app/websocket
Header
Field | Description |
---|---|
Content-Type | Application/json |
Parameter
Field | Type | Description |
---|---|---|
channelKey | String | Channel Key |
clientKey | String | Client Key |
userKey | String | User ID |
Example
wss://api.fnsbsa.com/ws/v3/app/websocket?clientKey={Insert your clientKey}&userKey={User ID}&channelKey=zVAzb {Omit long characters} JnqI6+==
Return
Field | Type | Description |
---|---|---|
rtCode | Integer | Successful Return Code 0 |
message | String | Result Message |
userStatus | String | Authentication Status Code |
Sample Response
{
"rtCode": 0,
"data": {
"message": "success code",
"userStatus": "AuthCompleted"
}
}
c. Get Authentication Result
To get Authentication Result
GET
https://api.fnsbsa.com/api/v3/auth
Header
Field | Description |
---|---|
Content-Type | Application/json |
Parameter
Field | Type | Description |
---|---|---|
channelKey | String | Channel Key (Encoded) |
clientKey | String | Client Key |
userKey | String | User ID |
example
https://api.fnsbsa.com/api/v3/auth?clientKey={Insert your clientKey}&userKey={User ID}&channelKey=zVAzb {Omit long characters} JnqI6+==
Sample Response
{
"rtCode": 0,
"data": "eyJhbGciOiJI {Token} AUkA5g"
}
Return
Field | Type | Description |
---|---|---|
rtCode | Integer | Successful Return Code 0 |
data | String | BSA Success Token Value |
Sample response
{
"rtCode": 0,
"data": "eyJhbGciOiJI {Token} AUkA5g"
}
2. Authentication using QR
a. Authentication Request
To request Authentication API.
POST
https://api.fnsbsa.com/api/v3/qr/generate?clientKey={Insert your clientKey}&authPlatform=CMMAPF001
Header
Field | Description |
---|---|
Content-Type | Application/json |
Parameter
Field | Type | Description |
---|---|---|
clientKey | String | Client Key |
authPlatform | String | CMMAPF001 (default) |
example
{
"clientKey":"Insert your clientKey",
"authPlatform":"CMMAPF001",
}
Return
Field | Type | Description |
---|---|---|
rtCode | Integer | Successful Return Code 0 |
data | String | BSA Success Token Value |
qrId | String | QR unique ID |
qrUrl | String | QR URL |
Sample response
{
"rtCode": 0,
"data": {
"qrId": "0f75a8f2-{Omit long characters}",
"qrUrl": "otpauth://totp/{Insert your clientKey}&platform=CMMAPF001{Omit long characters}",
}
}
b. Check Authentication Status
To check Authentication Status
GET
https://api.fnsbsa.com/api/v3/app/qr/websocket?qrId={Insert your qrId}
Parameter
Field | Type | Description |
---|---|---|
qrId | String | QR unique ID |
Example
wss://api.fnsbsa.com/ws/v3/app/qr/websocket?qrId={Insert your qrId}
Return
Field | Type | Description |
---|---|---|
rtCode | Integer | Successful Return Code 0 |
message | String | Result Message |
userStatus | String | Authentication Status Code |
Sample Response
{
"rtCode": 0,
"data": {
"message": "success code",
"userStatus": "AuthCompleted"
}
}
c. Get Authentication Result
To get Authentication Result
GET
https://api.fnsbsa.com/api/v3/auth
Header
Field | Description |
---|---|
Content-Type | Application/json |
Parameter
Field | Type | Description |
---|---|---|
channelKey | String | Channel Key |
clientKey | String | Client Key |
userKey | String | User ID |
Example
https://api.fnsbsa.com/api/v3/auth?clientKey={Insert your clientKey}&userKey={User ID}&channelKey=zVAzb {Omit long characters} JnqI6+==
Return
Field | Type | Description |
---|---|---|
rtCode | Integer | Successful Return Code 0 |
data | String | BSA Token Value |
Sample Response
{
"rtCode": 0,
"data": "eyJhbGciOiJI {Token} AUkA5g"
}
3. Authentication Using OTP
a. Authentication Request
To get Authentication Result
POST
https://api.fnsbsa.com/api/v3/qr/generate?clientKey={Insert your clientKey}&authPlatform=CMMAPF001
Header
Field | Description |
---|---|
Content-Type | Application/json |
Parameter
Field | Type | Description |
---|---|---|
clientKey | String | Client Key |
userKey | String | User ID |
isOtpAuth | Boolean | True |
authPlatform | String | CMMAPF001 (default) |
example
{
"clientKey":"Insert your clientKey",
"userKey":"User ID",
"isOtpAuth": true,
"authPlatform":"CMMAPF001",
}
Return
Field | Type | Description |
---|---|---|
rtCode | Integer | Successful Return Code 0 |
channelKey | String | Channel Key |
userKey | String | userID |
connectIP | String | Connected IP Address user |
authTimeRemaining | String | Authentcation Time |
iconBaseValue | String | Authentication Type |
fingerBaseValue | String | Authentication Type |
Sample response
{
"rtCode": 0,
"data": {
"userKey": "User ID",
"channelKey": "zVAzb {Omit long characters} JnqI6+==",
"connectIp": "0:0:0:0:0:0:0:1",
"authTimeRemaining": 30000,
"iconBaseValue": 2,
"fingerBaseValue": 3
}
}
b. Check Authentication Status
To Check Authentication Status
GET
https://api.fnsbsa.com/api/v3/app/websocket
Parameter
Field | Type | Description |
---|---|---|
channelKey | String | Channel Key |
clientKey | String | Client Key |
userKey | String | User ID |
Example
wss://api.fnsbsa.com/ws/v3/app/websocket?clientKey={Insert your clientKey}&userKey={Insert you userkey}&channelKey=zVAzb {Omit long characters} JnqI6+==
Return
Field | Type | Description |
---|---|---|
rtCode | Integer | Successful Return Code 0 |
message | String | Result Message |
userStatus | String | Authentication Status Code |
Sample Response
{
"rtCode": 0,
"data": {
"message": "success code",
"userStatus": "AuthCompleted"
}
}
c. Verify the OTP
To verify the OTP
POST
https://api.fnsbsa.com/api/v3/otp/user/verify
Parameter
Field | Type | Description |
---|---|---|
clientKey | String | Client Key |
userKey | String | User ID |
otpCode | String | 6-digit OTP Code |
authPlatform | String | CMMAPF001 (default) |
Example
{
"clientKey":"Request your clientkey from admin",
"otpCode":"898448",
"userKey":"User ID ",
"authPlatform":"CMMAPF001"
}
Return
Field | Type | Description |
---|---|---|
rtCode | Integer | Successful Return Code 0 |
data | String | BSA Token Value |
Sample Response
{
"rtCode": 0,
"data": "eyJhbGciOiJI {Token} AUkA5g"
}
4. Authentication using TOTP
a.Authentication Request
To request Authentication API
POST
https://api.fnsbsa.com/api/v3/totp/user/verify
Header
Field | Description |
---|---|
Content-Type | Application/json |
Parameter
Field | Type | Description |
---|---|---|
clientKey | String | Client Key |
userKey | String | User ID |
otpCode | String | 6-digit OTP Code |
authPlatform | String | CMMAPF001 (Default) |
Example
{
"clientKey":"Insert your clientKey",
"userKey":"User ID ",
"otpCode": 134625,
"authPlatform":"CMMAPF001"
}
Return
Field | Type | Description |
---|---|---|
rtCode | Integer | Successful Return Code 0 |
data | String | BSA Success Token Value |
Sample Response
{
"rtCode": 0,
"data": "eyJhbGciOiJI {Token} AUkA5g"
}
d. Cancel Authentication
DELETE
https://api.fnsbsa.com/api/v3/auth
Header
Field | Description |
---|---|
Content-Type | Application/json |
Parameter
Field | Type | Description |
---|---|---|
clientKey | String | Client Key |
userKey | String | User ID |
Example
{
"clientKey": “{Insert your clientKey}”,
"userKey": "User ID"
}
Return
Field | Type | Description |
---|---|---|
rtCode | String | Successful Return Code 0 |
Sample Response
{
"rtCode":0
}
e. View User BSA Information
This API is to get user information. This API may be called once successful and completed.
GET
https://api.fnsbsa.com/api/v3/me
Header
Field | Description |
---|---|
Authorization | Token, Access Token Value |
Return
Field | Type | Description |
---|---|---|
rtCode | String | Successful Return Code 0 |
data | String | userKey, clientKey, clientName, userType, userStatus, email, registerDate |
Sample Response
{
"rtCode": 0,
"data": {
"userKey": "User ID",
"clientKey":"d05a73e73acb43b888c9554b90675c63",
"clientName": "exampleClient",
"userStatus": "CMMMST001",
"userType": "CMMMCL001",
"name": "your-name",
"email": "developer@exampleClient.com",
"authType": 1,
"regDt": "20230201 10:45:02.00 +0000"
}
}