Strong Customer Authentication

The term SCA is essentially a form of MFA designed for the financial industry. MFA, which stands for Multi-Factor Authentication, is a broader technical concept whereas SCA defines the business feature.

Please read this guide before using these endpoints.

Endoints
POST/v1/mfa-session/authorise

Create SCA session

POST /v1/mfa-session/authorise

Create a SCA session that allows customers to access lower-risk endpoints within a 5-minute window until the session expires.

Request
curl -X POST https://api.sandbox.transferwise.tech/v1/mfa-session/authorise \
     -H 'Authorization: Bearer <your api token>' \

Response

Returns a list of challenges to clear a SCA session.

oneTimeTokenPropertiesOneTimeToken

Properties of OneTimeToken

Example Response
{
  "oneTimeTokenProperties": {
    "oneTimeToken": "9f5f5812-2609-4e48-8418-b64437c0c7cd",
    "challenges": [
      {
        "primaryChallenge": {
          "type": "PIN",
          "viewData": {
            "attributes": {
              "userId": 6146956
            }
          }
        },
        "alternatives": [],
        "required": true,
        "passed": false
      }
    ],
    "validity": 3600,
    "actionType": "IDENTITY__AUTHORISE_SESSION",
    "userId": 6146956
  }
}