Registration Process Flow
The following service endpoints must be implemented to complete the registration process.
1. Check Identity (ciamregsrvc/webRegistration/checkIdentity)
This endpoint checks whether the user exists, working through the following scenarios in order:
Check the user in the Cymmetri database
· Query the Cymmetri database using the user details.
· If the user is found, initiate the login flow.
· If the user is not found, proceed to the next step.
Otherwise, check the user in the CBS
· Query the bank database using the user details.
· If the user is found, trigger the registration flow.
· Send an OTP (One-Time Password) to the user's registered email.
· If the user is not found, proceed to the next step.
If neither Cymmetri nor the bank holds this user
· Send a response indicating invalid data/user does not exist.
Parameters: Latitude location, Longitude location
Responses: Success|Ok, Created, Bad Request, Unauthorized, Forbidden, Not Found, Internal Server Error, Bad Gateway, Service Unavailable
Request:
POST //webRegistration/checkIdentity HTTP/1.1
Host: localhost:8080
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 73
{
"cardNumber": "String",
"deviceId": "String",
"id": "String",
"type": "String"
}
Response:
{
"data": {},
"errorCode": "String",
"errorMeta": "String",
"message": "String",
"success": false,
"timestamp": "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"
}
2. Verify Email OTP (ciamregsrvc/webRegistration/VerifyEmailOtp)
Email OTP Verification Steps:
Sending Email OTP: Generate and send an OTP to the user’s email in the registration step.
Verifying Email OTP: When a user submits the OTP, it needs to be verified.
If Email OTP is Correct:
Move to the next step and send a mobile OTP.
If Email OTP is Incorrect:
Track attempts.
If the user reaches the maximum number of attempts allowed, block the user.
Parameters: Latitude location, Longitude location
Responses: Success|Ok, Created, Bad Request, Unauthorized, Forbidden, Not Found, Internal Server Error, Bad Gateway, Service Unavailable
Request:
POST //otp/verifyOtp HTTP/1.1
Host: localhost:8080
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 109
{
"email": "text",
"expInMinute": 1,
"mobile": "text",
"otp": "text",
"otpLength": 1,
"refId": "text",
"templatId": "text"
}
Response:
{
"data": {},
"errorCode": "String",
"errorMeta": "String",
"message": "String",
"success": false,
"timestamp": "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"
}
3. Resend OTP Email (ciamregsrvc/webRegistration/resendOtpEmail)
If the user does not receive the OTP, they can request to resend it.
Parameters: Access Token, Latitude location, Longitude location
Responses: Success|Ok, Created, Bad Request, Unauthorized, Forbidden, Not Found, Internal Server Error, Bad Gateway, Service Unavailable
Request:
POST //webRegistration/resendOtpEmail HTTP/1.1
Host: localhost:8080
Authorization: text
Accept: */*
Response:
{
"data": {},
"errorCode": "String",
"errorMeta": "String",
"message": "String",
"success": false,
"timestamp": "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"
}
4. Verify Mobile OTP (ciamregsrvc/webRegistration/VerifyMobileOtp)
Mobile OTP Verification Steps:
Sending Mobile OTP: Generate and send an OTP to the user’s mobile in the verify email OTP step.
Verifying Mobile OTP: When a user submits the OTP, it needs to be verified.
If Mobile OTP is Correct:
Proceed to the next step.
If Mobile OTP is Incorrect:
Track attempts.
If the user reaches the maximum number of attempts allowed, block the user.
Parameters: Access Token, Latitude location, Longitude location
Responses: Success|Ok, Created, Bad Request, Unauthorized, Forbidden, Not Found, Internal Server Error, Bad Gateway, Service Unavailable
Request:
POST //webRegistration/VerifyEmailOtp HTTP/1.1
Host: localhost:8080
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 38
{
"emailOtp": "text",
"mobileOtp": "text"
}
Response:
{
"data": {},
"errorCode": "String",
"errorMeta": "String",
"message": "String",
"success": false,
"timestamp": "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"
}
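An added example, not Cymmetri's own code: one way to implement the attempt tracking and blocking described for the email OTP check (step 2) and the mobile OTP check (step 4). The class name, the limit of 3 attempts, the 5-minute validity window and the result strings are assumptions; the page does not specify them.

```python
import hashlib
import hmac
import secrets

MAX_ATTEMPTS = 3        # assumed limit; the page does not state the value
OTP_TTL_SECONDS = 300   # assumed validity window


class OtpVerifier:
    """Tracks one pending OTP and a failure counter per (user, channel)."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # server-side key for OTP digests
        self._pending = {}    # (user, channel) -> (digest, expires_at)
        self._failures = {}   # (user, channel) -> failed attempts so far
        self._blocked = set() # blocked user ids

    def _digest(self, otp):
        return hmac.new(self._key, otp.encode(), hashlib.sha256).digest()

    def issue(self, user, channel, now):
        """Create or re-send an OTP. A resend never resets the failure count."""
        if user in self._blocked:
            return None
        otp = f"{secrets.randbelow(10**6):06d}"
        self._pending[(user, channel)] = (self._digest(otp), now + OTP_TTL_SECONDS)
        return otp  # handed to the mail/SMS sender, never echoed to the client

    def verify(self, user, channel, submitted, now):
        if user in self._blocked:
            return "BLOCKED"
        entry = self._pending.get((user, channel))
        if entry is None:
            return "NO_PENDING_OTP"
        digest, expires_at = entry
        if now >= expires_at:
            del self._pending[(user, channel)]
            return "EXPIRED"
        # Constant-time comparison of digests; the clear OTP is never stored.
        if hmac.compare_digest(digest, self._digest(submitted)):
            del self._pending[(user, channel)]       # single use
            self._failures.pop((user, channel), None)
            return "OK"
        count = self._failures.get((user, channel), 0) + 1
        self._failures[(user, channel)] = count
        if count >= MAX_ATTEMPTS:
            self._blocked.add(user)                  # "block the user"
            self._pending.pop((user, channel), None)
            return "BLOCKED"
        return "INCORRECT"
```

Because the failure counter is keyed by user and channel rather than by OTP, calling the resend endpoints does not give the caller a fresh set of guesses.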
5. Resend OTP Mobile (ciamregsrvc/webRegistration/resendOtpMobile)
If the user does not receive the OTP, they can request to resend it.
Parameters: Access Token, Latitude location, Longitude location
Responses: Success|Ok, Created, Bad Request, Unauthorized, Forbidden, Not Found, Internal Server Error, Bad Gateway, Service Unavailable
Request:
POST //webRegistration/resendOtpMobile HTTP/1.1
Host: localhost:8080
Authorization: text
Accept: */*
Response:
{
"data": {},
"errorCode": "String",
"errorMeta": "String",
"message": "String",
"success": false,
"timestamp": "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"
}
6. Get MFA List (ciamregsrvc/webRegistration/mfa/list)
Fetch all the available MFA factors.
Parameters: Access Token, Latitude location, Longitude location
Responses: Success|Ok, Bad Request, Unauthorized, Forbidden, Not Found, Internal Server Error, Bad Gateway, Service Unavailable
Request:
GET //webRegistration/mfa/list HTTP/1.1
Host: localhost:8080
Authorization: text
Accept: */*
Response:
{
"data": {},
"errorCode": "String",
"errorMeta": "String",
"message": "String",
"success": false,
"timestamp": "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"
}
7. Authenticate User (ciamregsrvc/webRegistration/authenticateUser)
Authentication Steps:
Authenticate the user with the available MFA factors, such as credit card or debit card.
If the user enters correct details, proceed to the next step.
If the user enters wrong details and reaches the maximum number of attempts allowed, block the user.
Parameters: Access Token, Latitude location, Longitude location, Authentication Type (DEBIT_CARD)
Responses: Success|Ok, Created, Bad Request, Unauthorized, Forbidden, Not Found, Internal Server Error, Bad Gateway, Service Unavailable
Request:
POST //webRegistration/authenticateUser HTTP/1.1
Host: localhost:8080
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 119
{
"authenticationType": "DEBIT_CARD",
"cardNo": "text",
"expiryMonth": "text",
"expiryYear": "text",
"mpin": "text",
"pin": "text"
}
Response:
{
"data": {},
"errorCode": "String",
"errorMeta": "String",
"message": "String",
"success": false,
"timestamp": "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"
}
8. Fetch existing User Id (ciamregsrvc/webRegistration/existingUserId)
Fetch the user ID from the existing system (the bank database, if available).
Parameters: Access Token, Latitude location, Longitude location
Responses: Success|Ok, Bad Request, Unauthorized, Forbidden, Not Found, Internal Server Error, Bad Gateway, Service Unavailable
Request:
GET //webRegistration/existingUserId HTTP/1.1
Host: localhost:8080
Authorization: text
Accept: */*
Response:
{
"data": {},
"errorCode": "String",
"errorMeta": "String",
"message": "String",
"success": false,
"timestamp": "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"
}
9. Save user id (ciamregsrvc/webRegistration/saveuserid)
The user can save a new user ID if it is not already in use.
Parameters: Access Token, Latitude location, Longitude location
Responses: Success|Ok, Created, Bad Request, Unauthorized, Forbidden, Not Found, Internal Server Error, Bad Gateway, Service Unavailable
Request:
POST //webRegistration/saveuserid HTTP/1.1
Host: localhost:8080
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 39
{
"password": "String",
"userId": "String"
}
Response:
{
"data": {},
"errorCode": "String",
"errorMeta": "String",
"message": "String",
"success": false,
"timestamp": "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"
}
10. Validate Password (ciamregsrvc/webRegistration/validatePassword)
· Validate if the password follows all the rules.
· If it does, move on to the next step.
· If it doesn't, the user needs to choose another password.
Parameters: Access Token, Latitude location, Longitude location
Responses: Success|Ok, Created, Bad Request, Unauthorized, Forbidden, Not Found, Internal Server Error, Bad Gateway, Service Unavailable
Request:
POST //webRegistration/validatePassword HTTP/1.1
Host: localhost:8080
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 39
{
"password": "String",
"userId": "String"
}
Response:
{
"data": {},
"errorCode": "String",
"errorMeta": "String",
"message": "String",
"success": false,
"timestamp": "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"
}
11. Set Password (ciamregsrvc/webRegistration/setIbPassword)
· The user can set a password that meets all the password policy requirements.
Parameters: Access Token, Latitude location, Longitude location
Responses: Success|Ok, Created, Bad Request, Unauthorized, Forbidden, Not Found, Internal Server Error, Bad Gateway, Service Unavailable
Request:
POST //webRegistration/setIbPassword HTTP/1.1
Host: localhost:8080
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 255
{
"customerId": "String",
"customerType": "String",
"email": "String",
"firstName": "String",
"gender": "String",
"lastName": "String",
"middleName": "String",
"name": "String",
"password": "String",
"phoneNumber": "String",
"registrationType": "String",
"viewOnlyRights": false
}
Response:
{
"data": {},
"errorCode": "String",
"errorMeta": "String",
"message": "String",
"success": false,
"timestamp": "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"
}
