User & Authentication Endpoints
These endpoints handle user registration, authentication, profile management, and account security within the Mopay platform. Developers can implement user sign-up, login, account verification, and profile management using these APIs.
User Registration
Register a new user account
Description
This endpoint allows new users to create an account on the Mopay platform. The registration process requires basic information such as first name, last name, email, and password, as well as device information. After successful registration, a verification email is sent to the user's email address and the user is assigned a unique user ID. The response includes an access token that can be used for immediate authentication.
Authentication is not required for this endpoint. You can make requests without providing authentication headers.
Headers
| Name | Value | Required | Description |
|---|---|---|---|
| Content-Type | application/json | Yes | Format of the request body |
Request Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| fsnm | string | Yes | User's first name |
| lsnm | string | Yes | User's last name |
| emal | string | Yes | User's email address |
| pswd | string | Yes | User's desired password (min: 8 characters, must include uppercase, lowercase, number) |
| devt | string | Yes | User's device type (e.g., 'Android', 'iOS', 'Web') |
| devs | string | Yes | User's device serial/unique identifier |
| devn | string | Yes | User's device name |
| refx | string | No | Referral code if referred by another user |
| tktp | string | No | Token type for push notifications |
| phtk | string | No | Push notification token |
| chid | string | No | Channel ID for notifications |
Request Example
POST /user_profile_createBody:
{
"fsnm": "John",
"lsnm": "Doe",
"emal": "john.doe@example.com",
"pswd": "SecureP@ssw0rd",
"devt": "iOS",
"devs": "iPhone13-AABBCC123456",
"devn": "John's iPhone",
"refx": "REF123456",
"tktp": "ExponentPushToken",
"phtk": "ExponentPushToken[xxxxxxxxxxxxxxxxxxxxxx]",
"chid": "notification_channel_id"
}Success Response
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_create",
"STATUS": "OK"
},
"DATA": {
"marker": "h5d5s78nb4d4",
"userid": "5wh7n78bex4s",
"secret": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
"pbcKey": "34f5435d54e5f6gt65ef",
"expires": "312334444323"
}
}Possible Error Responses
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_create",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "fsnm_required",
"DETAILS": "User's first name is required (MPS965295426586718)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_create",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "lsnm_required",
"DETAILS": "User's last name is required (MPS161589812874837)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_create",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "emal_required",
"DETAILS": "User's email address is required (MPS256280046845571)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_create",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "pswd_required",
"DETAILS": "User desired password is required (MPS719909317049989)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_create",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "devt_required",
"DETAILS": "User's Device Type is required (MPS707771432691400)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_create",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "devs_required",
"DETAILS": "User's Device Serial is required (MPS973259469176333)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_create",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "devn_required",
"DETAILS": "User's Devices name is required (MPS586226793441740)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_create",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "Email already registered",
"DETAILS": "An account with this email already exists (MPS981234567891)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_create",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "Registration failed",
"DETAILS": "Unable to complete registration. Please try again later (MPS981234567892)"
}
}User Login
Sign in to an existing Mopay account
Description
This endpoint authenticates a user and creates a new session. Upon successful authentication, it returns an access token for subsequent authenticated requests along with basic user information. Device information is required to associate the login session with a specific device.
Authentication is not required for this endpoint. You can make requests without providing authentication headers.
Headers
| Name | Value | Required | Description |
|---|---|---|---|
| Content-Type | application/json | Yes | Format of the request body |
Request Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| emal | string | Yes | User's email address |
| pswd | string | Yes | User's password |
| dvty | string | Yes | User's device type (e.g., 'Android', 'iOS', 'Web') |
| dsnm | string | Yes | User's device serial/unique identifier |
| dvnm | string | No | User's device name |
Request Example
POST /user_profile_loginBody:
{
"emal": "john.doe@example.com",
"pswd": "SecureP@ssw0rd",
"dvty": "iOS",
"dsnm": "iPhone13-AABBCC123456",
"dvnm": "John's iPhone"
}Success Response
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_login",
"STATUS": "OK"
},
"DATA": {
"marker": "h5d5s78nb4d4",
"userid": "5wh7n78bex4s",
"secret": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
"pbcKey": "34f5435d54e5f6gt65ef",
"expires": "312334444323"
}
}Possible Error Responses
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "emal_required",
"DETAILS": "User's email address is required (MPS215213462776769)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "pswd_required",
"DETAILS": "User desired password is required (MPS344814454485441)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "dvty_required",
"DETAILS": "User's Device Type is required (MPS245997658188055)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "dsnm_required",
"DETAILS": "User's Device Serial is required (MPS688014047902334)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "Invalid credentials",
"DETAILS": "The email or password provided is incorrect (MPS981234567893)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "Account disabled",
"DETAILS": "This account has been disabled. Please contact support (MPS981234567894)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "Login failed",
"DETAILS": "Unable to complete login. Please try again later (MPS981234567895)"
}
}User Logout
Disconnect device from account
Description
This endpoint logs out a user by invalidating their current authentication token. After this call, the token will no longer be valid for any API requests. No additional parameters are required as the user's session information is extracted from the Authorization header.
Authentication is required for this endpoint. You must include the required HMAC-based authentication headers as described in the Authentication section.
Headers
| Name | Value | Required | Description |
|---|---|---|---|
| MPY-SECUREKEY | {public_key} | Yes | Your public key obtained during login/registration |
| MPY-TIMESTAMP | {unix_timestamp} | Yes | Current unix timestamp in seconds |
| MPY-REQSIGNAL | {request_signature} | Yes | HMAC-SHA512 signature of the request |
| Content-Type | application/json | Yes | Format of the request body |
Request Example
GET /user_profile_logoutBody:
{}Success Response
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_logout",
"STATUS": "OK"
},
"DATA": {
"COMMENT": "Operation successful!"
}
}Possible Error Responses
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_logout",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "rqat_required",
"DETAILS": "Oops, unauthorised request (MPS613273847085343)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_logout",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "process_failed",
"DETAILS": "Failed to process your request (MPS742330378600148)"
}
}Google Login
Authenticate a user with Google credentials
Description
This endpoint allows users to authenticate or register using their Google account. The client application should first complete the Google Sign-In flow to obtain a Google OAuth token, which is then sent to this endpoint along with device information. If the user doesn't exist, a new account will be created automatically using the information from their Google profile. If the user already exists, they will be logged in to their existing account. The response includes user profile information and an authentication token for subsequent API calls.
Authentication is not required for this endpoint. You can make requests without providing authentication headers.
Important: To use this endpoint, your application must be registered with Google and have Google Sign-In configured. The client application is responsible for implementing the Google Sign-In flow to obtain the Google OAuth token.
Headers
| Name | Value | Required | Description |
|---|---|---|---|
| Content-Type | application/json | Yes | Format of the request body |
Request Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| rqat | string | Yes | Google OAuth token obtained from Google Sign-In |
| devt | string | Yes | Device type (e.g., "android", "ios", "web") |
| devs | string | Yes | Device serial number or unique identifier |
| devn | string | Yes | Device name (e.g., "iPhone 13", "Samsung Galaxy S21") |
| tktp | string | No | Push notification token type (e.g., "fcm", "apns") |
| phtk | string | No | Push notification token |
| chid | string | No | Channel ID for push notifications |
Request Example
POST /user_google_loginBody:
{
"rqat": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjFiZDY4NWY1ZThmMzA2MjY...",
"devt": "android",
"devs": "a1b2c3d4e5f6g7h8i9j0",
"devn": "Google Pixel 6",
"tktp": "fcm",
"phtk": "fnX2oP8yTKKJ23NFG456...",
"chid": "user_notifications"
}Success Response
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_google_login",
"STATUS": "OK"
},
"DATA": {
"marker": "h5d5s78nb4d4",
"userid": "5wh7n78bex4s",
"secret": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
"pbcKey": "34f5435d54e5f6gt65ef",
"expires": "312334444323"
}
}Possible Error Responses
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_google_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "rqat_required",
"DETAILS": "Oops, unauthorised request (MPS613273847085343)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_google_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "devt_required",
"DETAILS": "User's Device Type is required (MPS556270292071835)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_google_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "devs_required",
"DETAILS": "User's Device Serial is required (MPS684912061767792)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_google_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "devn_required",
"DETAILS": "User's Devices name is required (MPS785633731881287)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_google_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "request_failure",
"DETAILS": "Could not process your request (MPS634429297237638)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_google_login",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "unknown_failure",
"DETAILS": "Oops, something went wrong, please try again (MPS778685379516054)"
}
}Get Authentication Info
Retrieve current authentication and session information
Description
This endpoint retrieves detailed information about the user's current authentication status, including session details, permissions, and security events. It can be used to verify the user's authentication status, check token validity, or display authentication information to the user. The response includes information about the authentication type, permissions, token expiration, active sessions, and recent security events.
Authentication is required for this endpoint. You must include the required HMAC-based authentication headers as described in the Authentication section.
Headers
| Name | Value | Required | Description |
|---|---|---|---|
| MPY-SECUREKEY | {public_key} | Yes | Your public key obtained during login/registration |
| MPY-TIMESTAMP | {unix_timestamp} | Yes | Current unix timestamp in seconds |
| MPY-REQSIGNAL | {request_signature} | Yes | HMAC-SHA512 signature of the request |
| Content-Type | application/json | Yes | Format of the request body |
Request Example
GET /user_authenticationBody:
{}Success Response
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_authentication",
"STATUS": "OK"
},
"DATA": {
"marker": "h5d5s78nb4d4",
"secret": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
"expires": "312334444323"
}
}Possible Error Responses
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_authentication",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "Unauthorized",
"DETAILS": "Invalid or expired token (MPS186244751624519)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_authentication",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "Access Denied",
"DETAILS": "Your account does not have permission to access this resource (MPS675239418596743)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_authentication",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "Server Error",
"DETAILS": "Failed to retrieve authentication information. Please try again (MPS981234567890)"
}
}Verify Authentication
Verify the validity of a user's authentication token
Description
This endpoint verifies the validity of a user's authentication token. It's typically used to confirm that a user is properly authenticated and their session is still valid. The endpoint requires the user's authentication token to be passed in the Authorization header and returns a simple success message if the token is valid.
Authentication is required for this endpoint. You must include the required HMAC-based authentication headers as described in the Authentication section.
Note: This endpoint is used to verify if a token is valid. If the token is invalid or expired, a 401 Unauthorized error will be returned.
Headers
| Name | Value | Required | Description |
|---|---|---|---|
| MPY-SECUREKEY | {public_key} | Yes | Your public key obtained during login/registration |
| MPY-TIMESTAMP | {unix_timestamp} | Yes | Current unix timestamp in seconds |
| MPY-REQSIGNAL | {request_signature} | Yes | HMAC-SHA512 signature of the request |
| Content-Type | application/json | Yes | Format of the request body |
Request Example
GET /authentication_verifyBody:
{}Success Response
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "authentication_verify",
"STATUS": "OK"
},
"DATA": {
"COMMENT": "Operation successful!"
}
}Possible Error Responses
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "authentication_verify",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "rqat_required",
"DETAILS": "Oops, unauthorised request (MPS613273847085343)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "authentication_verify",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "request_failed",
"DETAILS": "Could not process your request (MPS634429297237638)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "authentication_verify",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "logout_failed",
"DETAILS": "Failed to process your request (MPS742330378600148)"
}
}Get User Profile
Retrieve authenticated user's profile information
Description
This endpoint retrieves the complete profile information for the currently authenticated user. The profile data includes personal information, account details, and settings. Authentication is required, and the response will contain the profile data for the user associated with the provided access token.
Authentication is required for this endpoint. You must include the required HMAC-based authentication headers as described in the Authentication section.
Headers
| Name | Value | Required | Description |
|---|---|---|---|
| MPY-SECUREKEY | {public_key} | Yes | Your public key obtained during login/registration |
| MPY-TIMESTAMP | {unix_timestamp} | Yes | Current unix timestamp in seconds |
| MPY-REQSIGNAL | {request_signature} | Yes | HMAC-SHA512 signature of the request |
| Content-Type | application/json | Yes | Format of the request body |
Request Example
GET /user_profile_get_infoBody:
{}Success Response
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_get_info",
"STATUS": "OK"
},
"DATA": {
"marker": "5c4xx7i65u56",
"username": "johndoe92",
"firstName": "John",
"lastName": "Doe",
"phoneNumber": "+2348012345678",
"emailAddress": "john.doe@example.com",
"phoneVerify": "unverified",
"emailVerify": "unverified",
"identVerify": "unverified",
"tradeVolume": 0,
"tradeCounts": 0,
"referalCount": 0,
"referalCode": "5c4xx7i65u56",
"referalBonus": 0,
"referrerid": "5c4xx7i65u56",
"activeDate": "2023-01-15",
"activeTime": "10:10:10",
"status": "active",
"recorded": "1673778645212"
}
}Possible Error Responses
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_get_info",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "Unauthorized",
"DETAILS": "Access Denied (MPS308033155841273)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_get_info",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "User not found",
"DETAILS": "No data matching your query was found (MPS775873117725199)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_get_info",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "Server error",
"DETAILS": "An unexpected error occurred (MPS981234567895)"
}
}Update User Profile
Update authenticated user's profile details
Description
This endpoint allows users to update their profile details. Currently, only first name (fNme) and last name (lNme) updates are supported. The endpoint updates only the fields provided in the request, leaving other fields unchanged. Authentication is required, and the profile updates will be applied to the user associated with the provided access token.
Authentication is required for this endpoint. You must include the required HMAC-based authentication headers as described in the Authentication section.
Headers
| Name | Value | Required | Description |
|---|---|---|---|
| MPY-SECUREKEY | {public_key} | Yes | Your public key obtained during login/registration |
| MPY-TIMESTAMP | {unix_timestamp} | Yes | Current unix timestamp in seconds |
| MPY-REQSIGNAL | {request_signature} | Yes | HMAC-SHA512 signature of the request |
| Content-Type | application/json | Yes | Format of the request body |
Request Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| fNme | string | No | User's first name |
| lNme | string | No | User's last name |
Request Example
POST /user_profile_updateBody:
{
"fNme": "John",
"lNme": "Doe"
}Success Response
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_update",
"STATUS": "OK"
},
"DATA": {
"COMMENT": "Account details updated successfully!"
}
}Possible Error Responses
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_update",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "Unauthorized",
"DETAILS": "Oops, unauthorised request (MPS613273847085343)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_update",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "update_failed",
"DETAILS": "Profile update request failed (MPS540751147468485)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_profile_update",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "process_error",
"DETAILS": "Failed to process your request (MPS742330378600148)"
}
}Change Password
Change the authenticated user's password
Description
This endpoint allows users to change their account password. The user must provide their current password for verification, along with the new password they wish to set. For security reasons, password changes trigger a notification to the user's email address. The system also checks if the new password has been used before and prevents reuse of recent passwords.
Authentication is required for this endpoint. You must include the required HMAC-based authentication headers as described in the Authentication section.
Security Note: This endpoint is for changing a password when the user knows their current password. For password reset functionality (when a user has forgotten their password), use the password reset endpoints.
Headers
| Name | Value | Required | Description |
|---|---|---|---|
| MPY-SECUREKEY | {public_key} | Yes | Your public key obtained during login/registration |
| MPY-TIMESTAMP | {unix_timestamp} | Yes | Current unix timestamp in seconds |
| MPY-REQSIGNAL | {request_signature} | Yes | HMAC-SHA512 signature of the request |
| Content-Type | application/json | Yes | Format of the request body |
Request Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| pswd | string | Yes | User's current password |
| npwd | string | Yes | New password (min: 8 characters, must include uppercase, lowercase, number) |
Request Example
POST /user_password_changeBody:
{
"pswd": "OldSecureP@ss123",
"npwd": "NewSecureP@ss456"
}Success Response
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_password_change",
"STATUS": "OK"
},
"DATA": {
"COMMENT": "Operation successful!"
}
}Possible Error Responses
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_password_change",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "pswd_required",
"DETAILS": "Current password is required (MPS844383750075256)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_password_change",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "npwd_required",
"DETAILS": "New password is required (MPS129864042662209)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_password_change",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "test_account",
"DETAILS": "Oops, password change is not allowed on a test account (MPS165949922662582)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_password_change",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "password_error",
"DETAILS": "Oops, you've used this password before please choose another password (MPS568083884765401)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_password_change",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "Unauthorized",
"DETAILS": "Oops, unauthorised request (MPS613273847085343)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_password_change",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "process_error",
"DETAILS": "Could not process your request (MPS502489419386934)"
}
}Send Email Verification
Send a verification code to an email address
Description
This endpoint sends a verification code to the specified email address to verify email ownership. Email verification is an important security measure that confirms users have access to the email address. The verification code is sent to the specified email address and is valid for 1 hour. Users should then use the Verify Email Code endpoint to complete the verification process.
Authentication is not required for this endpoint. You can make requests without providing authentication headers.
Headers
| Name | Value | Required | Description |
|---|---|---|---|
| Content-Type | application/json | Yes | Format of the request body |
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| emal | string | Yes | Email address to send verification code to |
Request Example
GET /user_email_verify_send?emal=john.doe@example.comBody:
{}Success Response
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_email_verify_send",
"STATUS": "OK"
},
"DATA": {
"COMMENT": "Verification code has been sent to email!"
}
}Possible Error Responses
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_email_verify_send",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "rqat_required",
"DETAILS": "Oops, unauthorised request (MPS613273847085343)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_email_verify_send",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "emal_required",
"DETAILS": "Email address is required (MPS559098854394794)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_email_verify_send",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "process_failed",
"DETAILS": "Could not process your request (MPS395655299976223)"
}
}Verify Email Code
Verify an email address using a verification code
Description
This endpoint verifies an email address using the verification code that was sent to that email address. The user must first request a verification code using the Send Email Verification endpoint. After receiving the verification code via email, the user submits the code through this endpoint to complete the verification process. Once verified, the response confirms that the verification code is valid.
Authentication is not required for this endpoint. You can make requests without providing authentication headers.
Headers
| Name | Value | Required | Description |
|---|---|---|---|
| Content-Type | application/json | Yes | Format of the request body |
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| emal | string | Yes | Email address to verify |
| code | string | Yes | Verification code received in email |
Request Example
GET /user_email_verify?emal=john.doe@example.com&code=123456Body:
{}Success Response
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_email_verify",
"STATUS": "OK"
},
"DATA": {
"COMMENT": "Verification code is valid!"
}
}Possible Error Responses
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_email_verify",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "rqat_required",
"DETAILS": "Oops, unauthorised request (MPS613273847085343)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_email_verify",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "emal_required",
"DETAILS": "Email address is required (MPS851193072288052)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_email_verify",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "code_required",
"DETAILS": "Verification code is required (MPS406738327638000)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_email_verify",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "code_invalid",
"DETAILS": "Incorrect verification code (MPS718869923496012)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_email_verify",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "process_failed",
"DETAILS": "Failed to process your request (MPS742330378600148)"
}
}Get Login Activity
Retrieve a user's login activity history
Description
This endpoint retrieves a history of the user's login activities, including successful and expired login sessions. It provides details such as login time, device information, location, IP address, and session status. This information can be useful for security monitoring, allowing users to identify unauthorized access attempts or suspicious activities on their account.
Note: The pagination parameter expects a timestamp from the last record of the previous page. To get the next page, use the "pagination" value from the response. Up to 15 records are returned per page.
Authentication is required for this endpoint. You must include the required HMAC-based authentication headers as described in the Authentication section.
Headers
| Name | Value | Required | Description |
|---|---|---|---|
| MPY-SECUREKEY | {public_key} | Yes | Your public key obtained during login/registration |
| MPY-TIMESTAMP | {unix_timestamp} | Yes | Current unix timestamp in seconds |
| MPY-REQSIGNAL | {request_signature} | Yes | HMAC-SHA512 signature of the request |
| Content-Type | application/json | Yes | Format of the request body |
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| page | string | No | Page number for pagination (default: 123456789001) |
Request Example
GET /user_login_fetch?page=1687341045Body:
{}Success Response
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_login_fetch",
"STATUS": "OK"
},
"DATA": {
"result": [
{
"marker": "login_12345abcde",
"userid": "usr_12345abcde",
"authid": "auth_12345abcde",
"ipaddx": "192.168.1.1",
"recorded": "1687427445"
},
{
"marker": "login_987654321",
"userid": "usr_12345abcde",
"authid": "auth_987654321",
"ipaddx": "192.168.1.2",
"recorded": "1687341045"
}
],
"pagination": "123456789001"
}
}Possible Error Responses
{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_login_fetch",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "rqat_required",
"DETAILS": "Oops, unauthorised request (MPS613273847085343)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_login_fetch",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"ID": "response_empty",
"DETAILS": "We couldn't find any record matching your query (MPS753329501340356)"
}
}{
"REQUEST": {
"VERSION": "1.0",
"ACTION": "user_login_fetch",
"STATUS": "FAILED"
},
"ERRORS": {
"CODE": 401,
"MSG": "process_failed",
"DETAILS": "Failed to process your request (MPS742330378600148)"
}
}