Anti-phishing codes
Use these methods to manage anti-phishing codes.
Once set by a client, the anti-phishing code is included in the emails sent to the client from B2Core, helping them identify legitimate emails.
GET[host]/api/v2/my/anti-phishing-code |
|
POST[host]/api/v2/my/anti-phishing-code |
|
DELETE[host]/api/v2/my/anti-phishing-code/confirm |
|
POST[host]/api/v2/my/anti-phishing-code/tfa |
|
POST[host]/api/v2/my/anti-phishing-code/confirm |
Get an anti-phishing code
Use this method to get the anti-phishing code that is set for the currently authenticated client.
Request
Header parameters:
Accept: application/json
Authorization: Bearer <access_token>
GET[host]/api/v2/my/anti-phishing-code
curl --location --request GET 'https://host.name/api/v2/my/anti-phishing-code' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <token>'
Response
- code string
The anti-phishing code masked with asterisks.
{
"code": "2******1"
}
Set an anti-phishing code
Use this method to set an anti-phishing code for the currently authenticated client.
Request
Header parameters:
Content-Type: application/json
Accept: application/json
Authorization: Bearer <access_token>
Body:
- code string required
The anti-phishing code.
POST[host]/api/v2/my/anti-phishing-code
curl --location --request POST 'https://host.name/api/v2/my/anti-phishing-code' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <token>' \
--data-raw '{
"code": "111111"
}'
Response
- code integer
An HTTP code specifying the current step in a procedure of setting an anti-phishing code:
HTTP code
200
for an intermediary step after which another page of the form used to set an anti-phishing code is displayed to a clientHTTP code
202
for a final step signaling that an anti-phishing code was successfully set
- data object or null
An array of objects specifying the 2FA methods available for a client:
Show object fields- name string
The method used to deliver 2FA codes to a client. Possible values:
google
— codes from the Google Authenticator app are used for confirmationSMS
— codes are delivered to a client phone number via SMS
- caption string
The name of a 2FA method.
- localizedCaption string
The localized name of a 2FA method.
- isEnabled boolean
If
true
, a 2FA method is enabled for a client; otherwise,false
.
- done boolean
If
true
, an anti-phishing code was successfully set; otherwise,false
.- uuid string
The universally unique identifier (UUID) assigned to a procedure of setting an anti-phishing code for a client.
- workflow string
A string value indicating the next step of a procedure of setting an anti-phishing code.
2fa
— indicates that confirmation with a verification code is required.
{
"code": 200,
"data": {
"fa": [
{
"name": "google",
"caption": "Google Authenticator",
"localizedCaption": "Google Authenticator",
"enabled": true
},
{
"name": "sms",
"caption": "SMS Confirmation",
"localizedCaption": "SMS Confirmation",
"enabled": true
}
]
},
"done": false,
"uuid": "36f59381-5b54-48bd-a0c7-3b908c476732",
"workflow": "2fa"
}
Remove an anti-phishing code
Use this method to remove the anti-phishing code that was previously set for a client.
Request
Header parameters:
Accept: application/json
Authorization: Bearer <access_token>
DELETE[host]/api/v2/my/anti-phishing-code/confirm
curl --location --request DELETE 'https://host.name/api/v2/my/anti-phishing-code' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <token>'
Response
- code integer
An HTTP code specifying the current step of a procedure of removing an anti-phishing code:
HTTP code
200
for an intermediary step after which another page of the form used to remove an anti-phishing code is displayed to a clientHTTP code
202
for a final step signaling that an anti-phishing code was successfully removed
- data object or null
An array of objects specifying the 2FA methods available for a client:
Show object fields- name string
The method used to deliver 2FA codes to a client. Possible values:
google
— codes from the Google Authenticator app are used for confirmationSMS
— codes are delivered to a client phone number via SMS
- caption string
The name of a 2FA method.
- localizedCaption string
The localized name of a 2FA method.
- isEnabled boolean
If
true
, a 2FA method is enabled for a client; otherwise,false
.
- done boolean
If
true
, an anti-phishing code was successfully removed; otherwise,false
.- uuid string
The universally unique identifier (UUID) assigned to a procedure of removing an anti-phishing code.
- workflow string
A string value indicating the next step of a procedure of removing an anti-phishing code.
2fa
— indicates that confirmation with a verification code is required.
{
"code": 200,
"data": {
"fa": [
{
"name": "google",
"caption": "Google Authenticator",
"localizedCaption": "Google Authenticator",
"enabled": true
},
{
"name": "sms",
"caption": "SMS Confirmation",
"localizedCaption": "SMS Confirmation",
"enabled": true
}
]
},
"done": false,
"uuid": "36f59381-5b54-48bd-a0c7-3b908c476732",
"workflow": "2fa"
}
Choose a 2FA method
Use this method to specify which 2FA method (the Google Authenticator app or SMS) should be used to confirm setting or removing an anti-phishing code if both 2FA methods are enabled for a client.
Request
Header parameters:
Content-Type: application/json
Accept: application/json
Authorization: Bearer <access_token>
Body:
- code string required
The universally unique identifier (UUID) assigned to a procedure of setting or removing an anti-phishing code.
- type string required
The 2FA method that you want to use. Possible values:
google
— a code from the Google Authenticator appsms
— a code sent to a client phone number via SMS
POST[host]/api/v2/my/anti-phishing-code/tfa
curl --location --request POST 'https://host.name/api/v2/my/anti-phishing-code/tfa' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <token>' \
--data-raw '{
"uuid": "36f59381-5b54-48bd-a0c7-3b908c476732",
"type": "google"
}'
Response
- code integer
An HTTP code specifying the current step of a procedure of setting or removing an anti-phishing code:
HTTP code
200
for an intermediary step after which another page of the form used to set or remove an anti-phishing code is displayed to a clientHTTP code
202
for a final step signaling that an anti-phishing code was successfully set or removed
- data object or null
Always
null
.- done boolean
If
true
, an anti-phishing code was successfully set or removed; otherwise,false
.- uuid string
The universally unique identifier (UUID) assigned to a procedure of setting or removing an anti-phishing code.
- workflow string
A string value indicating the next step of a procedure of setting or removing an anti-phishing code. Possible values:
2fa_google_auth
— confirmation with a code from the Google Authenticator app is required2fa_sms_auth
— confirmation with an SMS code is required
{
"code": 202,
"data": null,
"done": true,
"uuid": "36f59381-5b54-48bd-a0c7-3b908c476732",
"workflow": "2fa_google_auth"
}
Confirm setting or removing an anti-phishing code
Use this method to confirm a procedure of setting or removing an anti-phishing code by using the 2FA method that was previously chosen.
Request
Header parameters:
Content-Type: application/json
Accept: application/json
Authorization: Bearer <access_token>
Body:
- code integer required
The code from the Google Authenticator app or SMS.
POST[host]/api/v2/my/anti-phishing-code/confirm
curl --location --request POST 'https://host.name/api/v2/my/anti-phishing-code/confirm' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <token>' \
--data-raw '{
"uuid": "36f59381-5b54-48bd-a0c7-3b908c476732",
"code": 213690
}'
Response
- code integer
An HTTP code specifying the current step of a procedure of setting or removing an anti-phishing code:
HTTP code
200
for an intermediary step after which another page of the form used to set or remove an anti-phishing code is displayed to a clientHTTP code
202
for a final step signaling that an anti-phishing code was successfully set or removed
- data object
Always
null
.- done boolean
If
true
, an anti-phishing code was successfully set or removed; otherwise,false
.- uuid string
The universally unique identifier (UUID) assigned to a procedure of setting or removing an anti-phishing code.
- workflow string
A string value indicating the next step of a procedure of setting or removing an anti-phishing code.
{
"code": 202,
"data": {},
"done": true,
"uuid": "36f59381-5b54-48bd-a0c7-3b908c476732",
"workflow": "B2B\\TCA\\Wizards\\Workflow\\TerminateWorkflow"
}