Answering a security question for another layer of security.
POST/authentication/securityanswer
- The temporary session token received from successfull credentials request is sent in this request along with the answer to the security question and that question's Id. If the question is answered succesfully a session token will be returned that must be used for all subsequent API calls in the current session. This token will expire after 15 minutes. Subsequent calls will refresh the expiration.
- In order to use this API, all requests must have an "appKey" sent in the header of the request.
- You may not store any part of the authentication process, to include, but not limited to Username, Password, Security Questions or Answers in your application or backend databases or servers. This is a security best practice. We do not want any elements of the member’s credentials stored on the device, vendor’s servers, or in the cloud. This can cause account vulnerability.
Request
Responses
- 200
- 400
- 401
- 403
Request data is either missing or invalid.
The security answer is incorrect
Use of the API is not allowed.