Auth API¶
1. Validate Password¶
A. Request¶
Parameter |
Required |
Description |
|---|---|---|
user |
Yes |
A string indicating user’s email address or member ID |
password |
Yes |
User’s password |
Here’s an example of how the API call might look like in JSON format
{
"user": "customer@stamps.co.id",
"password": "secret123"
}
Example of API call request using cURL
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" -d '{"user": "customer@stamps.co.id", "password": "secret123"}' https://stamps.co.id/api/auth/validate-password
B. Response Data¶
In response to this API call, Stamps will return response with the following data (in JSON):
Variable |
Description |
|---|---|
status |
Returns |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST, OPTIONS
[Redacted Header]
{
"status": "ok"
}
2. Set PIN¶
A. Request¶
Set customer’s PIN for the first time.
Parameter |
Required |
Description |
|---|---|---|
user |
Yes |
A string indicating customer’s email, Member ID, mobile number or primary key ID |
pin |
Yes |
6 digit string |
confirm_pin |
Yes |
6 digit string that needs to be the same as |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/pin/set -i -d '{ "user": 123, "pin": "123456", "confirm_pin": "123456" }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"status": "ok"
}
Mismatch pin and confirm_pin parameter:
HTTP/1.0 400 BAD REQUEST
Vary: Accept
Content-Type: application/json
[Redacted Header]
{
"detail": "confirm_pin: Confirmation PIN does not match",
"errors": {
"confirm_pin": "Confirmation PIN does not match"
},
"error_code": "pin_mismatch",
"error_message": "confirm_pin: Confirmation PIN does not match"
}
3. Change PIN¶
A. Request¶
Parameter |
Required |
Description |
|---|---|---|
user |
Yes |
A string indicating customer’s email, Member ID, mobile number or primary key ID |
current_pin |
Yes |
Customer’s previously set 6 digit string PIN |
new_pin |
Yes |
6 digit string |
confirm_new_pin |
Yes |
6 digit string that needs to be the same as |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/pin/change -i -d '{ "user": 123, "current_pin": "123456", "new_pin": "654321", "confirm_new_pin", "654321" }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"status": "ok"
}
Invalid PIN:
HTTP/1.0 400 BAD REQUEST
Vary: Accept
Content-Type: application/json
[Redacted Header]
{
"detail": "current_pin: Invalid PIN",
"errors": {
"current_pin": "Invalid PIN"
},
"error_code": "invalid_pin",
"error_message": "current_pin: Invalid PIN"
}
Mismatch new_pin and confirm_new_pin parameter:
HTTP/1.0 400 BAD REQUEST
Vary: Accept
Content-Type: application/json
[Redacted Header]
{
"detail": "confirm_new_pin: Confirmation PIN does not match",
"errors": {
"confirm_new_pin":"Confirmation PIN does not match"
},
"error_code": "pin_mismatch",
"error_message":"confirm_new_pin: Confirmation PIN does not match"
}
4. Validate PIN¶
A. Request¶
Customer’s PIN will be blocked in case of repeated failed validation. Failures count will be reset 604800 seconds (1 week) after the last failure.
Parameter |
Required |
Description |
|---|---|---|
user |
Yes |
A string indicating customer’s email, Member ID, mobile number or primary key ID |
pin |
Yes |
6 digit string |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/pin/validate -i -d '{ "user": 123, "pin": "123456" }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"status": "ok"
}
Invalid PIN:
HTTP/1.0 400 BAD REQUEST
Vary: Accept
Content-Type: application/json
[Redacted Header]
{
"detail": "pin: Invalid PIN, 2 attempt(s) left",
"errors": {
"pin": "Invalid PIN, 2 attempt(s) left"
},
"error_code": "invalid_pin",
"error_message": "pin: Invalid PIN, 2 attempt(s) left"
}
5. Unblock PIN¶
A. Request¶
Unblock customer’s PIN blocked by repeated failed validation
Parameter |
Required |
Description |
|---|---|---|
user |
Yes |
A string indicating customer’s email, Member ID, mobile number or primary key ID |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/pin/unblock -i -d '{ "user": 123 }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"status": "ok"
}
6. Requesting an OTP to Reset PIN¶
A. Request¶
Request an OTP to reset customer’s PIN. OTP will be send to customer’s email or mobile phone if template_code parameter is provided.
Parameter |
Required |
Description |
|---|---|---|
user |
Yes |
A string indicating customer’s email, Member ID, mobile number or primary key ID |
type |
No |
A string for OTP sending method choice, supports |
template_code |
No |
A string indicating the template to be used to send the OTP |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/pin/request-otp-for-reset -i -d '{ "user": 123 }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
otp |
6 digit string |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"status": "ok",
"otp": "123456"
}
7. Reset PIN¶
A. Request¶
Parameter |
Required |
Description |
|---|---|---|
user |
Yes |
A string indicating customer’s email, Member ID, mobile number or primary key ID |
otp |
Yes |
6 digit string OTP received from |
pin |
Yes |
6 digit string |
confirm_pin |
Yes |
6 digit string that needs to be the same as |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/pin/reset -i -d '{ "user": 123, "otp": "123123", "pin": "654321", "confirm_pin", "654321" }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"status": "ok"
}
Mismatch pin and confirm_pin parameter:
HTTP/1.0 400 BAD REQUEST
Vary: Accept
Content-Type: application/json
[Redacted Header]
{
"detail": "confirm_pin: Confirmation PIN does not match",
"errors": {
"confirm_pin": "Confirmation PIN does not match"
},
"error_code": "pin_mismatch",
"error_message": "confirm_pin: Confirmation PIN does not match"
}
Invalid OTP:
HTTP/1.0 400 BAD REQUEST
Vary: Accept
Content-Type: application/json
[Redacted Header]
{
"detail": "otp: Invalid OTP",
"errors": {
"otp": "Invalid OTP"
},
"error_code": "invalid_otp",
"error_message": "otp: Invalid OTP"
}
8. Reset PIN with Password¶
A. Request¶
Parameter |
Required |
Description |
|---|---|---|
user |
Yes |
A string indicating customer’s email, Member ID, mobile number or primary key ID |
password |
Yes |
User’s password |
pin |
Yes |
6 digit string |
confirm_pin |
Yes |
6 digit string that needs to be the same as |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/pin/reset-with-password -i -d '{ "user": 123, "password": "secret123", "pin": "654321", "confirm_pin", "654321" }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"status": "ok"
}
Invalid password:
HTTP/1.0 400 BAD REQUEST
Vary: Accept
Content-Type: application/json
[Redacted Header]
{
"detail": "password: Invalid user password",
"error_code": "invalid_password",
"error_message": "password: Invalid user password",
"errors": {
"password": "Invalid user password"
}
}
9. Change Password¶
A. Request¶
Parameter |
Required |
Description |
|---|---|---|
user |
Yes |
A string indicating customer’s email, Member ID, mobile number or primary key ID |
old_password |
Yes |
Customer’s current password |
new_password |
Yes |
New password |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/auth/change-password -i -d '{ "user": "test@gmail.com", "old_password": "secure_password", "new_password": "new_secure_password" }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"status": "ok"
}
10. Set Password¶
A. Request¶
Parameter |
Required |
Description |
|---|---|---|
Yes |
Customer’s email |
|
new_password |
Yes |
New password |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/auth/set-password -i -d '{ "email": "foo@bar.com", "new_password": "secure_password" }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"id": 1,
"name": "Foo",
"email": "foo@bar.com",
"status": "ok"
}
11. Requesting an OTP to Reset Password¶
A. Request¶
Request an OTP to reset customer’s password. OTP will be send to customer’s email or mobile phone if template_code parameter is provided.
Parameter |
Required |
Description |
|---|---|---|
identifier |
Yes |
A string indicating customer’s email, Member ID, mobile number or primary key ID |
type |
Yes |
A string for OTP sending method choice, supports |
template_code |
No |
A string indicating the template to be used to send the OTP |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/auth/request-otp-for-password-reset -i -d '{ "identifier": 123, "type": "email" }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
otp |
6 digit string |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"status": "ok",
"otp": "123456"
}
12. Reset Password with OTP¶
A. Request¶
Parameter |
Required |
Description |
|---|---|---|
identifier |
Yes |
A string indicating customer’s email, Member ID, mobile number or primary key ID |
otp |
Yes |
6 digit string OTP received from |
new_password |
Yes |
A secure password |
confirm_new_password |
Yes |
A secure password that needs to be the same as |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/auth/reset-password-with-otp -i -d '{ "identifier": 123, "otp": "123123", "new_password": "securepassword123", "confirm_new_password", "securepassword123" }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"status": "ok"
}
Mismatch new_password and confirm_new_password parameter:
HTTP/1.0 400 BAD REQUEST
Vary: Accept
Content-Type: application/json
[Redacted Header]
{
"detail": "confirm_new_password: Confirmation password does not match",
"errors": {
"confirm_new_password": "Confirmation password does not match"
},
"error_code": "mismatch_password",
"error_message": "confirm_new_password: Confirmation password does not match"
}
Invalid OTP:
HTTP/1.0 400 BAD REQUEST
Vary: Accept
Content-Type: application/json
[Redacted Header]
{
"detail": "otp: Invalid OTP",
"errors": {
"otp": "Invalid OTP"
},
"error_code": "invalid_otp",
"error_message": "otp: Invalid OTP"
}
13. Validate Mobile Number¶
A. Request¶
Parameter |
Required |
Description |
|---|---|---|
mobile_number |
Yes |
A string indicating mobile number or phone to validate |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/auth/validate-mobile-number -i -d '{ "mobile_number": "081234567890" }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"status": "ok"
}
Invalid Mobile Number:
HTTP/1.0 400 BAD REQUEST
Vary: Accept
Content-Type: application/json
[Redacted Header]
{
"status": "invalid",
"detail": "mobile_number: Please enter a valid mobile phone number.",
"errors": {
"mobile_number": "Please enter a valid mobile phone number."
},
"error_code": "invalid_mobile_number",
"error_message": "mobile_number: Please enter a valid mobile phone number."
}
14. Reset OTP Limit¶
A. Request¶
Parameter |
Required |
Description |
|---|---|---|
user |
Yes |
A string indicating customer’s email, Member ID, mobile number or primary key ID |
Example of API call request using cURL:
$ curl -X POST -H "Content-Type: application/json" -H "Authorization: <token_type> <token>" https://stamps.co.id/api/auth/reset-otp-limit -i -d '{ "user": "081234567890" }'
B. Response Data¶
Variable |
Description |
|---|---|
status |
Returns |
C. Examples¶
A successful API call:
HTTP/1.0 200 OK
Vary: Accept
Content-Type: application/json
Allow: POST
[Redacted Header]
{
"status": "ok"
}
Invalid User:
HTTP/1.0 400 BAD REQUEST
Vary: Accept
Content-Type: application/json
[Redacted Header]
{
"status": "invalid",
"detail": "user: Please enter a valid mobile phone number.",
"errors": {
"user": "Please enter a valid mobile phone number."
},
"error_code": "invalid_user",
"error_message": "user: Please enter a valid mobile phone number."
}