Profile Management

This section covers the endpoints related to user profile management, and password reset.

Workflow Overview

Verify Email: In case it was skipped during registration.
- Request Email verification.
- Validate OTP and confirm mail.
Password Reset:
- Request password reset code
- Verify code and set new password
Update Email:
- Request email update
- Verify new email with OTP
Update Phone:
- Send Phone OTP
- Re-Validate Liveness (if Digital Identity verified)
- Validate Phone OTP

1- Verify Email address

In case it was not verified during registration, we have a separate endpoint for this.

The operation consists of calling the same endpoint twice:

For requesting Email OTP Request body:
- email
For validating the received OTP Request body:
- email
- emailOtpRequestId
- emailOtp

post

Body

emailstringRequired

emailOtpstring · nullableOptional

emailOtpRequestIdstring · nullableOptional

transactionIdstring · uuidOptional

returnUrlstring · nullableOptional

Responses

200

Success

post

/api/DigitalIdentity/VerifyEmail

POST /api/DigitalIdentity/VerifyEmail HTTP/1.1
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 135

{
  "email": "text",
  "emailOtp": "text",
  "emailOtpRequestId": "text",
  "transactionId": "123e4567-e89b-12d3-a456-426614174000",
  "returnUrl": "text"
}

200

Success

{
  "data": {
    "emailOtpRequestId": "123e4567-e89b-12d3-a456-426614174000",
    "emailOtpExpireInSeconds": 1,
    "isEmailConfirmed": true,
    "transactionId": "123e4567-e89b-12d3-a456-426614174000"
  },
  "error_code": 1,
  "error_message": "text",
  "error_descriptions": null
}

2- Reset Password Workflow

At Vlens, we have two reset password flows:

When the user provides an email.
When the user does not provide an email.

1. If the user has an email

post

Body

emailOrPhoneNumberstringRequired

idNumberstring · nullableOptional

Responses

200

Success

post

/api/DigitalIdentity/ForgetPassword/SendEmailOtp

POST /api/DigitalIdentity/ForgetPassword/SendEmailOtp HTTP/1.1
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 47

{
  "emailOrPhoneNumber": "text",
  "idNumber": "text"
}

200

Success

{
  "data": {
    "emailOtpRequestId": "123e4567-e89b-12d3-a456-426614174000",
    "emailOtpExpireInSeconds": 1
  },
  "error_code": 1,
  "error_message": "text",
  "error_descriptions": null
}

post

Body

emailOrPhoneNumberstringRequired

idNumberstring · nullableOptional

emailOtpRequestIdstringRequired

emailOtpstringRequired

Responses

200

Success

post

/api/DigitalIdentity/ForgetPassword/ValidateEmailOtp

POST /api/DigitalIdentity/ForgetPassword/ValidateEmailOtp HTTP/1.1
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 92

{
  "emailOrPhoneNumber": "text",
  "idNumber": "text",
  "emailOtpRequestId": "text",
  "emailOtp": "text"
}

200

Success

{
  "data": {
    "phoneNumberOtpRequestId": "123e4567-e89b-12d3-a456-426614174000",
    "phoneNumberOtpExpireInSeconds": 1
  },
  "error_code": 1,
  "error_message": "text",
  "error_descriptions": null
}

post

Body

emailOrPhoneNumberstringRequired

idNumberstring · nullableOptional

phoneNumberOtpRequestIdstringRequired

phoneNumberOtpstringRequired

Responses

200

Success

post

/api/DigitalIdentity/ForgetPassword/ValidatePhoneOtp

POST /api/DigitalIdentity/ForgetPassword/ValidatePhoneOtp HTTP/1.1
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 104

{
  "emailOrPhoneNumber": "text",
  "idNumber": "text",
  "phoneNumberOtpRequestId": "text",
  "phoneNumberOtp": "text"
}

200

Success

{
  "data": {
    "userId": 1,
    "passwordResetCode": "text"
  },
  "error_code": 1,
  "error_message": "text",
  "error_descriptions": null
}

post

Body

userIdinteger · int64Optional

resetCodestring · nullableOptional

passwordstring · nullableOptional

returnUrlstring · nullableOptional

singleSignInstring · nullableOptional

cstring · nullableOptional

Responses

200

Success

post

/api/DigitalIdentity/ForgetPassword/Reset

POST /api/DigitalIdentity/ForgetPassword/Reset HTTP/1.1
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 101

{
  "userId": 1,
  "resetCode": "text",
  "password": "text",
  "returnUrl": "text",
  "singleSignIn": "text",
  "c": "text"
}

200

Success

{
  "data": {
    "canLogin": true,
    "userName": "text"
  },
  "error_code": 1,
  "error_message": "text",
  "error_descriptions": null
}

2. If the user does not have an email

post

Body

phoneNumberstringRequired

idNumberstring · nullableOptional

Responses

200

Success

post

/api/DigitalIdentity/ForgetPasswordByPhone/SendPhoneOtp

POST /api/DigitalIdentity/ForgetPasswordByPhone/SendPhoneOtp HTTP/1.1
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 40

{
  "phoneNumber": "text",
  "idNumber": "text"
}

200

Success

{
  "data": {
    "phoneNumberOtpRequestId": "123e4567-e89b-12d3-a456-426614174000",
    "phoneNumberOtpExpireInSeconds": 1
  },
  "error_code": 1,
  "error_message": "text",
  "error_descriptions": null
}

post

Body

phoneNumberstringRequired

idNumberstring · nullableOptional

phoneNumberOtpRequestIdstringRequired

phoneNumberOtpstringRequired

Responses

200

Success

post

/api/DigitalIdentity/ForgetPasswordByPhone/ValidatePhoneOtp

POST /api/DigitalIdentity/ForgetPasswordByPhone/ValidatePhoneOtp HTTP/1.1
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 97

{
  "phoneNumber": "text",
  "idNumber": "text",
  "phoneNumberOtpRequestId": "text",
  "phoneNumberOtp": "text"
}

200

Success

{
  "data": {
    "userId": 1,
    "passwordResetCode": "text"
  },
  "error_code": 1,
  "error_message": "text",
  "error_descriptions": null
}

3- Update user's email

Don't forget to include the access token as a bearer token.

post

Body

emailstring · emailRequired

Responses

200

Success

post

/api/DigitalIdentity/UpdateEmailRequest

POST /api/DigitalIdentity/UpdateEmailRequest HTTP/1.1
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 26

{
  "email": "[email protected]"
}

200

Success

{
  "data": {
    "isEmailConfirmed": true,
    "emailOtpRequestId": "123e4567-e89b-12d3-a456-426614174000",
    "emailOtpExpireInSeconds": 1
  },
  "error_code": 1,
  "error_message": "text",
  "error_descriptions": null
}

post

Body

emailOtpRequestIdstringRequired

emailOtpstringRequired

Responses

200

Success

post

/api/DigitalIdentity/ValidateUpdateEmailRequestOtp

POST /api/DigitalIdentity/ValidateUpdateEmailRequestOtp HTTP/1.1
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 46

{
  "emailOtpRequestId": "text",
  "emailOtp": "text"
}

200

Success

{
  "data": {
    "isEmailConfirmed": true,
    "emailOtpRequestId": "123e4567-e89b-12d3-a456-426614174000",
    "emailOtpExpireInSeconds": 1
  },
  "error_code": 1,
  "error_message": "text",
  "error_descriptions": null
}

4- Update user's phone number

This flow enables users to update their phone number securely using an OTP and liveness verification mechanism. The process involves three main steps:

Send Phone OTP Initiates the phone update request by verifying the user's credentials and checking if digital identity revalidation is needed. If not, an OTP is sent immediately.
Re-Validate Liveness (only if required) If the user needs to re-validate their digital identity, a liveness check (face capture) is required. Once validated, the OTP will be sent to the new phone number.
Validate Phone OTP The user confirms their phone number update by submitting the received OTP using the phoneNumberOtpRequestId from the previous step.

post

Body

phoneNumberstringRequired

passwordstringRequired

Responses

200

Success

post

/api/DigitalIdentity/UpdatePhone/SendPhoneOtp

POST /api/DigitalIdentity/UpdatePhone/SendPhoneOtp HTTP/1.1
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 40

{
  "phoneNumber": "text",
  "password": "text"
}

200

Success

{
  "data": {
    "needsReValidate": true,
    "phoneNumberOtpRequestId": "123e4567-e89b-12d3-a456-426614174000",
    "phoneNumberOtpExpireInSeconds": 1
  },
  "error_code": 1,
  "error_message": "text",
  "error_descriptions": null
}

post

Body

phoneNumberstringRequired

passwordstringRequired

imagestringRequired

Responses

200

Success

post

/api/DigitalIdentity/UpdatePhone/ReValidateLiveness

POST /api/DigitalIdentity/UpdatePhone/ReValidateLiveness HTTP/1.1
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 55

{
  "phoneNumber": "text",
  "password": "text",
  "image": "text"
}

200

Success

{
  "data": {
    "needsReValidate": true,
    "phoneNumberOtpRequestId": "123e4567-e89b-12d3-a456-426614174000",
    "phoneNumberOtpExpireInSeconds": 1
  },
  "error_code": 1,
  "error_message": "text",
  "error_descriptions": null
}

post

Body

phoneNumberOtpRequestIdstringRequired

phoneNumberOtpstringRequired

Responses

200

Success

post

/api/DigitalIdentity/UpdatePhone/ValidatePhoneOtp

POST /api/DigitalIdentity/UpdatePhone/ValidatePhoneOtp HTTP/1.1
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 58

{
  "phoneNumberOtpRequestId": "text",
  "phoneNumberOtp": "text"
}

200

Success

{
  "data": {
    "isPhoneNumberConfirmed": true
  },
  "error_code": 1,
  "error_message": "text",
  "error_descriptions": null
}

PreviousRegistration NextLogin

Last updated 2 months ago

hashtagWorkflow Overview

hashtag1- Verify Email address

hashtagThe operation consists of calling the same endpoint twice:

hashtag2- Reset Password Workflow

hashtag1. If the user has an email

hashtag2. If the user does not have an email

hashtag3- Update user's email

hashtag4- Update user's phone number

Workflow Overview

1- Verify Email address

The operation consists of calling the same endpoint twice:

2- Reset Password Workflow

1. If the user has an email

2. If the user does not have an email

3- Update user's email

4- Update user's phone number