On This Page
FILTER BY TAG

Validate a One-Time Password or Issuer Authentication Code

This section describes how to validate one-time passwords (OTPs) and issuer authentication codes. When the cardholder receives their OTP by means of their selected method (SMS, email, or online banking) or an issuer authentication code from their banking application, you can verify the OTP or issuer authentication code by including it in the endpoint here.

Endpoint

Test:
POST
https://apitest.visaacceptance.com
/tms/v2/tokenized-cards/
{tokenId}
/authentication-options/validate
Production:
POST
https://api.visaacceptance.com
/tms/v2/tokenized-cards/
{tokenId}
/authentication-options/validate
The
{tokenId}
 is the identifier of the tokenized card.

Required Field for Validating an OTP or Issuer Authentication Code

clientCorrelationId
Set to the client reference ID.
issuerAuthCode
Required when
otp
 is not included in the request.
otp
Required when
issuerAuthCode
 is not included in the request.
stepUpOption.id

REST Example: Validating an OTP or Issuer Authentication Code

Request
{
  "clientCorrelationId": "aB3cD4eF5gH6iJ7kL8mN9oP0qR1sT2uV3wX",
  "stepUpOption": {
    "id": "YWEwMjFhZmFkZDU4ZWI0NDJjYTM0MzY4OTY1YjdhMDE="
  },
  "otp": "456789",
  "issuerAuthCode": "HTZlY2YwOWQ3MDZmYWZj4GMww2Y0YjllZWFkODZkHJI="
}
Response to a Successful Request
{
  "action": "AUTHENTICATION_REGISTRATION"
}
RELATED TO THIS PAGE