LogoLogo
  • GENERAL
    • About Criptan
    • Get started
      • Introduction
      • 1. Activate your account
      • 2. Add funds to your balance
      • 3. Start interacting with the API
    • API
      • Introduction
      • Authentication
        • Auth Transactions and Earn
          • API Reference
        • Auth Business (Criptan Pay)
      • Real-Time API (WebSockets)
        • OHLCV
        • TICKERS
      • Webhooks
        • Transactions and Earn Webhooks
        • Business Webhooks
      • API reference
      • Changelog
    • Developer tools
      • Sandbox
      • Support
      • Feedback
    • Security
  • Transactions
    • General
      • Overview
      • Available exchange
      • Geographic availability
      • Use cases
        • Buy
          • UX example
        • Sell
          • UX example
        • Send crypto
          • UX example
        • Receive crypto
          • UX example
        • Recurring purchases
          • UX example
        • Check history
      • FAQ
    • API Reference
      • Trades
      • Withdrawals
      • Information
  • Earn
    • General
      • Overview
      • Geographic availability
      • Use cases
        • 3, 6, 12 months
          • Make a deposit
            • UX example
          • Set up auto-renew a deposit automatically
            • UX example
        • Flex
          • Make a deposit
            • UX example
          • Make a withdrawal
            • UX example
          • Cancel a withdrawal
            • UX example
          • Set up reinvest or not rewards
            • UX example
        • Flex and 3, 6, 12 months
          • Receiving Rewards
      • FAQ
    • API Reference
  • Business (Criptan Pay)
    • General
      • Business (Criptan Pay)
      • Onboarding
      • Payment Button
      • Charges
      • FAQ
    • API Reference
      • Charge
      • Generate charge receipt
      • Get payment
    • Types CPay definitions
      • BusinessAccount
      • BusinessCharge
Powered by GitBook
On this page
  1. GENERAL
  2. API
  3. Authentication
  4. Auth Transactions and Earn

API Reference

PreviousAuth Transactions and EarnNextAuth Business (Criptan Pay)

Last updated 1 year ago

delete
Authorizations
Header parameters
x-otpstringRequired
Responses
200
User secret deleted successfully
application/json
400
User doesn't have a secret configured
application/json
401
OTP is not valid
application/json
403
Authentication error
application/json
500
Internal error
application/json
delete
DELETE /auth/otp/methods/totp HTTP/1.1
Host: 
Authorization: Bearer JWT
x-otp: text
Accept: */*

{
  "email": "name@gmail.com",
  "hasValidatedEmail": true,
  "emailVerificationDate": "2025-06-09T05:45:44.994Z",
  "hasValidatedSecret": true,
  "secretVerificationDate": "2025-06-09T05:45:44.994Z",
  "phoneNumber": "text",
  "hasValidatedPhone": true,
  "phoneVerificationDate": "2025-06-09T05:45:44.994Z",
  "lastLoggedDate": "2025-06-09T05:45:44.994Z",
  "status": "ACTIVE",
  "lastLoggedDevice": "text",
  "lastPasswordChangeDate": "2025-06-09T05:45:44.994Z"
}
get
Authorizations
Query parameters
methodstring ยท enumRequiredPossible values:
Responses
201
OTP requested successfully
application/json
400
The MFA method is not allowed to be used
application/json
401
The user has exhausted its available attempts and must wait before requesting another
application/json
403
Authentication error
application/json
500
Internal error
application/json
get
GET /auth/otp/code?method=EMAIL HTTP/1.1
Host: 
Authorization: Bearer JWT
Accept: */*

{
  "validUntil": "2025-06-09T05:45:44.994Z",
  "channel": "EMAIL",
  "validated": true
}
  • POST/auth/login
  • POST/auth/login/refresh
  • POST/auth/otp/methods/sms
  • POST/auth/otp/methods/totp
  • DELETE/auth/otp/methods/totp
  • GET/auth/otp/code
  • POST/auth/otp/code
post
Authorizations
Body
emailstring ยท emailRequired
passwordstringRequired
Responses
200
Login successful
application/json
403
Authentication error
application/json
500
Internal error
application/json
post
POST /auth/login HTTP/1.1
Host: 
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 44

{
  "email": "name@gmail.com",
  "password": "text"
}
{
  "idToken": "text",
  "refreshToken": "text"
}
post
Authorizations
Body
refreshTokenstringRequired
Responses
200
ID Token refreshed successfully
application/json
403
Invalid refresh token
application/json
500
Internal error
application/json
post
POST /auth/login/refresh HTTP/1.1
Host: 
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 23

{
  "refreshToken": "text"
}
{
  "idToken": "text"
}
post
Authorizations
Body
phonestring ยท min: 1Required
countrystring ยท enumRequiredPossible values:
Responses
200
Number added to the user successfully. A SMS message will be sent to the user, and they will need to validate it to use the phone number as MFA.
application/json
400
The user already has a valid SMS phone added.
application/json
403
Authentication error
application/json
500
Internal error
application/json
post
POST /auth/otp/methods/sms HTTP/1.1
Host: 
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 31

{
  "phone": "text",
  "country": "AC"
}
{
  "email": "name@gmail.com",
  "hasValidatedEmail": true,
  "emailVerificationDate": "2025-06-09T05:45:44.994Z",
  "hasValidatedSecret": true,
  "secretVerificationDate": "2025-06-09T05:45:44.994Z",
  "phoneNumber": "text",
  "hasValidatedPhone": true,
  "phoneVerificationDate": "2025-06-09T05:45:44.994Z",
  "lastLoggedDate": "2025-06-09T05:45:44.994Z",
  "status": "ACTIVE",
  "lastLoggedDevice": "text",
  "lastPasswordChangeDate": "2025-06-09T05:45:44.994Z"
}
post
Authorizations
Body
objectOptional
Responses
200
Secret created successfully
application/json
400
The TOTP secret is already configured
application/json
403
Authentication error
application/json
500
Internal error
application/json
post
POST /auth/otp/methods/totp HTTP/1.1
Host: 
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 2

{}
{
  "email": "name@gmail.com",
  "hasValidatedEmail": true,
  "emailVerificationDate": "2025-06-09T05:45:44.994Z",
  "hasValidatedSecret": true,
  "secretVerificationDate": "2025-06-09T05:45:44.994Z",
  "phoneNumber": "text",
  "hasValidatedPhone": true,
  "phoneVerificationDate": "2025-06-09T05:45:44.994Z",
  "lastLoggedDate": "2025-06-09T05:45:44.994Z",
  "status": "ACTIVE",
  "lastLoggedDevice": "text",
  "lastPasswordChangeDate": "2025-06-09T05:45:44.994Z"
}
post
Authorizations
Header parameters
x-otpany ofRequired
stringOptional
or
stringOptional
Body
channelstring ยท enumRequired

Channel to verify OTP. If a channel is not configured or is already verified, the response will be an error.

Possible values:
Responses
200
Method correctly verified
application/json
400
SMS is already configured
application/json
401
OTP is not valid
application/json
403
Authentication error
application/json
500
Internal error
application/json
post
POST /auth/otp/code HTTP/1.1
Host: 
Authorization: Bearer JWT
x-otp: text
Content-Type: application/json
Accept: */*
Content-Length: 17

{
  "channel": "SMS"
}
{
  "email": "name@gmail.com",
  "hasValidatedEmail": true,
  "emailVerificationDate": "2025-06-09T05:45:44.994Z",
  "hasValidatedSecret": true,
  "secretVerificationDate": "2025-06-09T05:45:44.994Z",
  "phoneNumber": "text",
  "hasValidatedPhone": true,
  "phoneVerificationDate": "2025-06-09T05:45:44.994Z",
  "lastLoggedDate": "2025-06-09T05:45:44.994Z",
  "status": "ACTIVE",
  "lastLoggedDevice": "text",
  "lastPasswordChangeDate": "2025-06-09T05:45:44.994Z"
}