Skip to content

SMS Authentication

Jump to bottom
Remoun Metyas edited this page Oct 10, 2011 · 3 revisions

Step 1 of 3: Getting a Token for SMS Authentication

Standalone SMS authentication may be used independently of Transactions. Both methods are documented below. OOB stands for Out-Of-Band Authentication.

Integrated with Transactions

XML

https://[merchant_id]:[apikey]@api.icecharge.com/v1/xml/transaction/[id]/oob/token (Method: GET)

<oob token="[SHA512]"/>

JSON

https://[merchant_id]:[apikey]@api.icecharge.com/v1/json/transaction/[id]/oob/token (Method: GET)

{
	“oob”: {
		“token”: [SHA512]
	}
}

Standalone SMS Authentication

XML

https://[merchant_id]:[apikey]@api.icecharge.com/v1/xml/oob/token (Method: POST)

<oob_request sid="[Session ID]"/>

POST: Reply

<oob token="[SHA512]"/>

JSON

https://[merchant_id]:[apikey]@api.icecharge.com/v1/json/oob/token (Method: POST)

{
	"sid": [Session ID]
}

POST: Reply

{
	"oob": {
		"token": [SHA512]
	}
}

Step 2 of 3: Performing SMS Authentication

Send an SMS message

This method sends an SMS message containing a secret code to a phone number.

XML

https://[merchant_id]:[apikey]@api.icecharge.com/v1/xml/oob/do (Method: POST)

<oob token="[SHA512]" to="[Phone Number]"/>
JSON

https://[merchant_id]:[apikey]@api.icecharge.com/v1/json/oob/do (Method: POST)

{
	"token": [SHA512],
	"to": [Phone Number]
}

Step 3 of 3: Verifying Secret Code

Verify Secret Code

This method verifies that the secret code entered by a customer value matches the secret code IceCharge sent via SMS.

XML

https://[merchant_id]:[apikey]@api.icecharge.com/v1/xml/oob/verify (Method: POST)

<oob_result token="[SHA512]" secret="[Secret Entered By Client]"/>

POST: Reply

<oob token="[SHA512]" status="[Success/Failed]"/>

JSON

https://[merchant_id]:[apikey]@api.icecharge.com/v1/json/oob/verify (Method: POST)

{
	"token": [SHA512],
	"secret": [Secret Entered By Client]
}

POST: Reply

{
	"oob": {
		"token": [SHA512],
		"status": [Success/Failed]
	}
}

Clone this wiki locally