/api/CodeVerification/check

API Method: POST /api/CodeVerification/check

Action: Verify Submitted Code


Description:

This API method is used to validate a verification code previously sent to a user via the /api/CodeVerification/send endpoint. The code is checked in the context of a specific action (such as login, transaction approval, password reset, etc.) defined by the shortMessageType parameter. If the code is valid and not expired, the action can proceed.


Endpoint:

POST https://api.banking.netevia.dev/api/CodeVerification/check


Functionality:

  • Purpose: Confirms that the user-provided verification code matches the one generated for a specific action.
  • Use Case: Commonly used in multi-factor authentication (MFA) flows to confirm identity or authorization before allowing sensitive operations.

Request Headers:

  • Authorization: Bearer token (if required by context)
  • Content-Type: application/json

Request Body Parameters:

Parameter | Type | Required | Description
code | string | Yes | The verification code entered by the user. Must be at least 1 character.
shortMessageType | string | Yes | The context or purpose for the code verification.

Accepted Values for shortMessageType:
  • UNKNOWN: Unspecified or default type.
  • APPROVE_TRANSACTION: Approval required for a financial transaction.
  • APPROVE_PAYEE: Approval for adding or modifying a payee.
  • ApproveLinkedAccount: Approval to link an external account.
  • RestorePassword: Verification for password reset.
  • AttemptLogin: Verification for login attempt.
  • TransferPoints: Authorization to transfer reward/loyalty points.
  • SetEwaRequest: Approval for an Earned Wage Access (EWA) request.
  • ContactInfoUpdateRequest: Verification for updating contact information.

Example Request:

{
  "code": "742839",
  "shortMessageType": "RestorePassword"
}

Example Response:

{
  "status": "verified",
  "message": "Verification successful."
}

Response Codes:

  • 200 OK: The code is valid and has been successfully verified.
  • 400 Bad Request: The code is invalid, expired, or the parameters are missing/malformed.
  • 401 Unauthorized: Authentication token is invalid or missing.
  • 403 Forbidden: The code is incorrect or has already been used.
  • 429 Too Many Requests: Too many incorrect attempts; verification temporarily blocked.
  • 500 Internal Server Error: Unexpected server error during verification process.

Notes:

  • Security Considerations:
    • Codes typically expire after a short period for security reasons.
    • Multiple failed attempts may trigger a lockout or delay.
  • Pairing with Send Endpoint:
    • This method should always follow a successful call to /api/CodeVerification/send.

This method ensures the legitimacy of user actions and helps enforce secure workflows for all critical operations within the banking application.
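
A minimal server-side model of the checks this page describes (expiry, lockout after failed attempts, single use, and binding the code to its shortMessageType), mapped to the response codes listed above. This is an added illustration, not Netevia's implementation: PendingCode, check_code, TTL_SECONDS and MAX_ATTEMPTS are hypothetical names, and the 300-second lifetime and 5-attempt limit are assumed values.

```python
import hmac
import time
from dataclasses import dataclass

TTL_SECONDS = 300   # assumed lifetime; the page only says codes expire quickly
MAX_ATTEMPTS = 5    # assumed limit; the page only says failures may lock out


@dataclass
class PendingCode:
    """State stored when a code is sent (hypothetical structure)."""
    code: str
    short_message_type: str
    issued_at: float
    failed_attempts: int = 0
    used: bool = False


def check_code(pending, code, short_message_type, now=None):
    """Return the HTTP status this page lists for each verification outcome."""
    now = time.time() if now is None else now
    # 400: missing or malformed parameters (code must be at least 1 character).
    if not isinstance(code, str) or len(code) < 1 or not short_message_type:
        return 400
    # 429: the attempt budget is spent; refuse before comparing anything.
    if pending.failed_attempts >= MAX_ATTEMPTS:
        return 429
    # 400: the code has outlived its validity window.
    if now - pending.issued_at > TTL_SECONDS:
        return 400
    # 403: a code that already succeeded once cannot be replayed.
    if pending.used:
        return 403
    # A code issued for one action must not approve another, and the code
    # comparison is constant-time so response timing does not leak its content.
    same_action = pending.short_message_type == short_message_type
    same_code = hmac.compare_digest(pending.code.encode(), code.encode())
    if not (same_action and same_code):
        pending.failed_attempts += 1
        return 403
    pending.used = True
    return 200
```

The lockout check runs before the comparison, so once the limit is reached even the correct code is refused with 429.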
