Skip to main content

Introduction

The Two-Factor Authorization system, hereinafter referred to as tfa, aims to ensure authorization via a token sent to the person responsible for approving the change or inclusion of a record.

Token Request

ENDPOINT
/baas/token_request
METHOD
POST

To request a token, it is necessary to make a request with the contact method for sending the token and a specific object for the type of operation to be performed. The complete explanation of the payload to be sent for each operation is detailed on its own page. All sent payloads follow the same basic format below:

{
"contact_type":"sms",
"\<nome_do_objeto_da_operação\>":"\<objeto_da_operação\>"
}
Notice

contact_type implementations can vary from operation to operation.

Notice

The token generated in the Sandbox environment will always be 329329

Token validation

ENDPOINT
/baas/movement_validation
METHOD
POST

To complete the operation, it is necessary to send the received token in the payload, along with the same operation_object sent in the token request.

All sent payloads follow the same basic format below:

{
"token":"123456",
"\<nome_do_objeto_da_operação\>":"\<objeto_da_operação\>"
}
Attention

The token sent is valid for 120 seconds from its generation

Operations