Login (1.0.0)

Download OpenAPI specification:Download

Authentication

Bearer

Authentication JWT token, prefixed by Bearer: Bearer ${JWT}

Security Scheme Type API Key
Header parameter name: Authorization

LoginService

Login

Login Decision Request

Authorizations:
Request Body schema: application/json
clientId
required
string (clientId) ^[a-zA-Z0-9]{1,64}$

Kount's unique identifier for a Client

sessionId
required
string (sessionId) ^[\w-]{0,32}$

Device collection event identifier

userId
required
string (userId) .{1,256}$

Client’s unique identifier for a Client’s User

username
string (username) ^.{0,256}$

Username for a Client’s user

userPassword
string (userPassword) `^.{0,128}$`

Irrevocable hash of the Client's user's password

userIp
string <ipv4> (userIp)

User’s IPv4 address as identified by the Client

loginUrl
string (loginUrl) ^.{0,256}$

Webpage from which a Client’s user is attempting to log in

userAuthenticationStatus
string (userAuthenticationStatus) ^[a-zA-Z0-9]{1,64}$

Not validated/restricted, intended to indicate if user already completed step up authN

userCreationDate
string <date-time> (userCreationDate) YYYY-MM-DD'T'hh:mm:ss.fff'Z'

Date account was created for a Client's user

userType
string (userType) ^[a-zA-Z0-9]{1,128}$

Client’s designation for a Client’s user

mfaPhone
string (mfaPhone)

(Optional) The phone number that will be used to send the MFA link to via SMS

mfaEmail
string (mfaEmail)

(Optional) The email address that will be used to send the MFA link

userAgent
string (userAgent)

(Optional) Request header identifying information about the User's system

context
string (LoginRequestContext)
Enum: "PRE_AUTH" "GIFT_CARD" "LOYALTY" "COUPON" "FORM_FILL" "MARKETING" "PRE_LOGIN"
preferredLanguageCode
string (preferredLanguageCode) ^[a-z]{2}(-[a-zA-Z]{2})?$

(Optional) the preferred ISO language code, conforming to the ISO 639-1 standard, may be used for Challenge communication

object (v1Workflow)
customFields
object (customFields)

A JSON object containing user-defined key-value pairs. The key is the Custom field name (max characters 256) defined within the Kount 360 portal. A value assigned to the custom field. The value must conform to the data type specified in Kount 360 portal for the corresponding custom field name. The supported data type are boolean, number and string (max characters 256).

Responses

Request samples

Content type
application/json
{
  • "clientId": "900900",
  • "sessionId": "d121ea2210434ffc8a90daff9cc97e76",
  • "userId": "meoyyd8za8jdmwfm",
  • "username": "meoyyd8za8jdmwfm",
  • "userPassword": "38401eb46f8fbb74c1846a5f47f68d83a9bef126b1d4143f886cd464323cdaab",
  • "userIp": "192.168.0.1",
  • "userAuthenticationStatus": "true",
  • "userCreationDate": "2024-01-01T12:12:12.000Z",
  • "userType": "VIP",
  • "mfaPhone": "+12081234567",
  • "mfaEmail": "username@example.com",
  • "userAgent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36",
  • "context": "PRE_AUTH",
  • "preferredLanguageCode": "en-us",
  • "workflow": {},
  • "customFields": { }
}

Response samples

Content type
application/json
{
  • "decision": "Allow",
  • "sessionId": "d121ea2210434ffc8a90daff9cc97e76",
  • "userProfile": "VIP",
  • "trustState": "TRUSTED",
  • "freindlyName": "Brad's Phone",
  • "deviceId": "7363b8ae6b2247b99f5d56fc81102254",
  • "matchedToDevice": "string",
  • "tags": [
    ],
  • "mfaType": "string",
  • "mfaEnabled": true,
  • "mfaId": "9d52fd78-3415-4cc9-b551-81f506257a98",
  • "userSegment": "VIP",
  • "guidance": "Allow",
  • "mfaError": "NOT_ENOUGH_INFO",
  • "set": {
    },
  • "tagWeights": [
    ],
  • "parentOrganizationData": {
    }
}

Login Decision Request V2

Authorizations:
Request Body schema: application/json
inquiryId
required
string (inquiryId)

Customer supplied identifier used to track state across the “inquiry” or customer journey

channel
string (channel)

Unique identifier of the website or app and/or product where the inquiry originated

deviceSessionId
required
string (deviceSessionId) ^[\w-]{0,32}$

Unique identifier for the customer's end-user's session on the site/app. Must be the same session ID used in the device data collection from the client-side Kount SDK. Uniqueness for this property is not enforced, but customers should provide unique values.

userIp
string <ipv4> (userIp)

The customer's end-user's IPv4 address as identified by the customer.

loginUrl
string (loginUrl) ^.{0,256}$

Webpage from which a Client’s user is attempting to log in.

object (v1Person)
object (v1Account)
object (v1Strategy)
customFields
object (customFields)

A JSON object containing user-defined key-value pairs. The key is the Custom field name (max characters 256) defined within the Kount 360 portal. A value assigned to the custom field. The value must conform to the data type specified in Kount 360 portal for the corresponding custom field name. The supported data type are boolean, number and string (max characters 256).

Responses

Request samples

Content type
application/json
{
  • "inquiryId": "string",
  • "channel": "ACME_IOS_APP",
  • "deviceSessionId": "d121ea2210434ffc8a90daff9cc97e76",
  • "userIp": "192.168.0.1",
  • "person": {
    },
  • "account": {
    },
  • "strategy": {
    },
  • "customFields": { }
}

Response samples

Content type
application/json
{
  • "decision": "ALLOW",
  • "deviceSessionId": "d121ea2210434ffc8a90daff9cc97e76",
  • "deviceId": "7363b8ae6b2247b99f5d56fc81102254",
  • "trustState": "TRUSTED",
  • "friendlyName": "Brad's Phone",
  • "policyManagement": {
    },
  • "mfa": {
    },
  • "parentOrganizationData": {
    }
}