User Security
User security allow users to set up security related protections over API.
POST /v1/user/pin
Notes:
POST /v1/users/pin
will be deprecated soon.- Please use the new endpoint /v1/user/pin instead.
Create PIN for a user as a form of authentication.
Can be used to verify pin when accessing a strongly protected endpoint via One Time Token Framework.
Request
A four digits string.
Response
Possible HTTP status codes
PIN is created successfully.
PIN has already been created.
curl -X POST https://api.sandbox.transferwise.tech/v1/user/pin \-H 'Authorization: Bearer <your api token>'-d '{"pin": "1111"}'
DELETE /v1/users/{{userId}}/pin
Can be used to remove the PIN from the user's account, allowing them to reset their PIN using Create PIN API.
Path Variable
User ID.
Response
Possible HTTP status codes
PIN is deleted successfully.
PIN is not setup for this user.
curl -X DELETE https://api.sandbox.transferwise.tech/v1/users/1234/pin \-H 'Authorization: Bearer <your api token>'
{"errors": [{"code": "pin.not.setup","message": "PIN has not been setup."}]}
POST /v1/user/facemap/enrol
Notes:
POST /v1/users/facemap/enrol
will be deprecated soon.- Please use the new endpoint /v1/user/facemap/enrol instead.
Enrol FaceMap: Facial biometric enrolment for Strong Customer Authentication (SCA).
Can be used to verify facemap when accessing a strongly protected endpoint via One Time Token Framework.
Request
Base64-encoded binary data as a string.
For more details how to get this binary, please read FaceTec's export API.
To retrieve Wise's FaceTec public key, please refer to our FaceTec's Get Public Key API.
Response
Possible HTTP status codes
Enrollment is successful.
FaceMap has already been enrolled.
curl -X POST https://api.sandbox.transferwise.tech/v1/user/facemap/enrol \-H 'Authorization: Bearer <your api token>'-d '{"faceMap": "<encrypted_face_map_in_base64_string>"}'
DELETE /v1/users/{{userId}}/facemap/enrol
Can be used to remove the FaceMap from the user's account, allowing them to redo FaceMap enrolment using Enrol FaceMap API.
Path Variable
User ID.
Response
Possible HTTP status codes
FaceMap is deleted successfully.
FaceMap is not setup for this user.
curl -X DELETE https://api.sandbox.transferwise.tech/v1/users/1234/facemap/enrol \-H 'Authorization: Bearer <your api token>'
{"errors": [{"code": "facemap.not.setup","message": "FaceMap has not been setup."}]}
POST /v1/user/phone-numbers
Create Phone number for a user.
Request
A valid phone number.
Phone Number type (PRIMARY)
Revoke user tokens
Response
Possible HTTP status codes
Phone Number is created successfully.
Invalid phone number | Invalid phone number type.
SCA challenge is not passed.
If time base rate limit is exceeded.
curl -X POST https://api.sandbox.transferwise.tech/v1/user/phone-numbers \-H 'Authorization: Bearer <your api token>'-d '{"phoneNumber": "+44**********","type": "PRIMARY","revokeTokens": false}'
{"id":1,"phoneNumber": "+44**********","type": "PRIMARY","verified": true}
GET /v1/user/phone-numbers
Get Phone numbers for a user.
Response
Possible HTTP status codes
Get Phone Number is created successfully.
Invalid Authorization token.
curl -X GET https://api.sandbox.transferwise.tech/v1/user/phone-numbers \-H 'Authorization: Bearer <your api token>'
[{"id":1,"phoneNumber": "+44**********","type": "PRIMARY","verified": true}]
PUT /v1/user/phone-numbers/{{phoneNumberId}}
Update Phone number for a user.
Path Variable
Id of user's existing phone number
Request
A valid phone number.
Response
Possible HTTP status codes
Phone Number is created successfully.
Invalid phone number | Invalid phone number type.
SCA challenge is not passed.
curl -X PUT https://api.sandbox.transferwise.tech/v1/user/phone-numbers/{{phoneNumberId}} \-H 'Authorization: Bearer <your api token>'-d '{"phoneNumber": "+44**********"}'
{"id":1,"phoneNumber": "+44**********","type": "PRIMARY","verified": false}
DELETE /v1/user/phone-numbers/{{phoneNumberId}}
Delete Phone number for a user.
Path Variable
Id of user's existing phone number
Response
Possible HTTP status codes
Phone Number is created successfully.
Invalid Authorization token.
User phone number is not found.
curl -X DELETE https://api.sandbox.transferwise.tech/v1/user/phone-numbers/{{phoneNumberId}} \-H 'Authorization: Bearer <your api token>'
{"errors":[{"code":"phone.number.not.found"}]}