API Overview Resources Schemas

Number Verification

API operation of Number Verification API.

Verifies if the received hashed/plain text phone number matches the phone number associated with the access token

Verifies if the specified phone number (either in plain text or hashed format) matches the one that the user is currently using. Only one of the plain or hashed formats must be provided. - The number verification will be done for the user that has authenticated via mobile network - It returns true/false depending on if the hashed phone number received as input matches the authenticated user's `device phone number` associated to the access token

POST /orgs/{org_id}/number-verification/verify

Parameters

Name	In	Type	Required	Description
org_id	path	string	true	‘none’
body	body	NumberVerificationVerifyRequest	true	‘none’

Request body - instance of NumberVerificationVerifyRequest

1
2
3
4
5
6
7


{
  "referenceMsisdn": "+123456789",
  "evidence": {
    "type": "PLAIN",
    "value": "string"
  }
}

Name	Type	Required	Description
referenceMsisdn	string	false	The MSISDN assigned by the network and extracted from the authentication token. A public identifier addressing a telephone subscription. In mobile networks it corresponds to the MSISDN (Mobile Station International Subscriber Directory Number). In order to be globally unique it has to be formatted in international format, according to E.164 standard, prefixed with ‘+’.
evidence	object	false	none
» type	string	true	Type of evidence provided: - `PLAIN`: The MSISDN is provided in plain text. - `HASHED_SHA256`: The MSISDN is provided as a hashed value. SHA-256 (in hexadecimal representation) of the mobile phone number in E.164 format (starting with country code). Prefixed with ‘+’.
» value	string	true	A public identifier addressing a telephone subscription. In mobile networks it corresponds to the MSISDN (Mobile Station International Subscriber Directory Number). In order to be globally unique, it has to be formatted in international format, according to the E.164 standard, prefixed with ‘+’.

Property	Values
type	one of [PLAIN, HASHED_SHA256]

Request example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12



curl -X POST https://opengateway.masstack.com/v1/orgs/{org_id}/number-verification/verify \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
 --data-raw "{
  'referenceMsisdn': '+123456789',
  'evidence': {
    'type': 'PLAIN',
    'value': 'string'
  }
}" 

Responses

Code	Meaning	Description	Schema
200	OK	OK	NumberVerificationMatchResponse
400	Bad Request	Problem with the client request	NumberVerificationErrorInfo
401	Unauthorized	Unauthorized	NumberVerificationErrorInfo
403	Forbidden	Client does not have sufficient permission.
In addition to regular scenario of `PERMISSION_DENIED`, other scenarios may exist:

Client authentication was not via mobile network. In order to check the authentication method, AMR parameter value in the 3-legged user’s access token can be used and make sure that the authentication was not either by SMS+OTP nor username/password ({"code": "NUMBER_VERIFICATION.USER_NOT_AUTHENTICATED_BY_MOBILE_NETWORK","message": "Client must authenticate via the mobile network to use this service"})
Phone number cannot be deducted from access token context.({"code": "INVALID_TOKEN_CONTEXT","message": "Phone number cannot be deducted from access token context"})|NumberVerificationErrorInfo|
|500|Internal Server Error|Server error|NumberVerificationErrorInfo|
|503|Service Unavailable|Service unavailable. Typically the server is down.|NumberVerificationErrorInfo|
|504|Gateway Time-out|Request time exceeded. If it happens repeatedly, consider reducing the request complexity|NumberVerificationErrorInfo|

Endpoints

Consents

Number Verification

Sim Swap