Verify Transaction PIN API

Overview

Verify a user's transaction PIN to authorize financial transactions. The API uses the authorization token to identify the user and validate their transaction PIN.

API Details

• Method: POST
• URL: https://api.gafapay.com:8443/gafapay/v3/auth/verify_transaction_pin
• Content-Type: application/json
• companyid: 59388167894b4d10a04fe5da3b8a2104
• requestid: be08f79e-7eac-40e1-acbe-00f6ae7b8f7b
• Authorization: Token required

Endpoint

POST https://api.gafapay.com:8443/gafapay/v3/auth/verify_transaction_pin

Request Body

{
    "transaction_pin": "0000"
}

Request Parameters

• transaction_pin (String, required): The transaction PIN to be verified
  • Example: "0000"

Headers

authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJiNTJhZWYzOTk5ZWE0NTQ1YTg2OGE3NzIzNzc2OTlhMyIsInJvbGVzIjpbIlJPTEVfTUVSQ0hBTlQiXSwiZXhwIjoxNzU3MjI3MjA1fQ.shraUdMTOm27muCvBsPnZz8d0E5HeTuwxtHBxjksNm0
companyid: 59388167894b4d10a04fe5da3b8a2104
requestid: be08f79e-7eac-40e1-acbe-00f6ae7b8f7b

Response

{
    "success": 1,
    "error": [],
    "data": {
        "message": "AUTH_TRANSACTION_PIN_VERIFY_SUCCESS"
    }
}

Response Fields

• success (integer): Response status indicator
  • 1 = Success
  • 0 = Failure
• error (array): Array of error messages (empty on success)
• data (object): Response data object
  • message (string): Success message indicating transaction PIN verification was successful

Example Usage

curl --location 'https://api.gafapay.com:8443/gafapay/v3/auth/verify_transaction_pin' \
--header 'authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJiNTJhZWYzOTk5ZWE0NTQ1YTg2OGE3NzIzNzc2OTlhMyIsInJvbGVzIjpbIlJPTEVfTUVSQ0hBTlQiXSwiZXhwIjoxNzU3MjI3MjA1fQ.shraUdMTOm27muCvBsPnZz8d0E5HeTuwxtHBxjksNm0' \
--header 'companyid: 59388167894b4d10a04fe5da3b8a2104' \
--header 'requestid: be08f79e-7eac-40e1-acbe-00f6ae7b8f7b' \
--header 'Content-Type: application/json' \
--data '{
    "transaction_pin": "0000"
}'

Notes

• The API uses the valid authorization token from the request header to identify the user
• No need to pass user_id in the request body as the user is identified from the token
• The transaction PIN is verified against the stored PIN for the authenticated user
• This API is typically called before executing financial transactions to ensure user authorization
• The transaction PIN is separate from the login PIN and serves different security purposes