Submit an Outsourced SCA Attempt

POST 
/sca/events/:eventId/attempts

Submits an Outsourced authentication attempt for a Strong Customer Authentication (SCA) event.

Once an SCA process for a specific wallet operation is initiated and active (i.e., not expired or failed), and the challenge has been received, the user has a limited number of attempts to complete it (e.g., verify the OTP code sent via SMS), as defined by allowableAttempts. Each new authentication attempt increments the currentAttempts count until it reaches the predefined limit. When the limit is reached, no further authentication attempts for the same process are accepted and are automatically denied. There is no cooldown period, and the SCA process is marked as failed. To retry the authentication, a new SCA process must be started, and the user can attempt the authentication again. The process status is always determined by the most recent verification attempt, regardless of what happened in previous attempts (e.g., the process will be marked as failed if the last attempt failed, even if earlier attempts were successful).

More details can be found in Strong Customer Authentication.

Request

Responses

201

Created

400

Bad Request

401

Unauthorized

404

Not Found

405

Method Not Allowed

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable