The MyAccount Phone API provides operations to enroll, update, and delete phone numbers. The API also provides utilities to create, view, and answer verification challenges.
A valid API version in the Accept header is required to access the API. Current version: 1.0.0
Accept: application/json; okta-version=1.0.0
Lists the current user's phone information for all phones. Includes a collection of links for each phone describing the acceptable operations.
Example response
Unauthorized
Not Acceptable (missing header)
[
  {
    "id": "sms10ltpSdwXJCem80g4",
    "status": "VERIFIED",
    "profile": {
      "phoneNumber": "+13333333333"
    },
    "_links": {
      "self": {
        "hints": {
          "allow": [
            "GET",
            "DELETE"
          ]
        }
      },
      "challenge": {
        "hints": {
          "allow": [
            "POST"
          ]
        }
      }
    }
  },
  {
    "id": "sms18vrvVDDmi4Qlz0g4",
    "status": "UNVERIFIED",
    "profile": {
      "phoneNumber": "+12222222222"
    },
    "_links": {
      "self": {
        "hints": {
          "allow": [
            "GET",
            "DELETE"
          ]
        }
      },
      "challenge": {
        "hints": {
          "allow": [
            "POST"
          ]
        }
      },
      "verify": {
        "hints": {
          "allow": [
            "POST"
          ]
        }
      }
    }
  }
]
Creates a phone with UNVERIFIED status, for either the SMS or CALL method, in the user's MyAccount settings.
Example response
Bad Request
Unauthorized
Forbidden
Not Acceptable (missing header)
Conflict
Internal Server Error
{
  "profile": {
    "phoneNumber": "+1(444)444-4444"
  },
  "sendCode": true,
  "method": "SMS"
}
{
  "id": "sms18vtfKgzqDhNqP0g4",
  "status": "UNVERIFIED",
  "profile": {
    "phoneNumber": "+1(444)444-4444"
  },
  "_links": {
    "self": {
      "hints": {
        "allow": [
          "GET",
          "DELETE"
        ]
      }
    },
    "challenge": {
      "hints": {
        "allow": [
          "POST"
        ]
      }
    },
    "verify": {
      "hints": {
        "allow": [
          "POST"
        ]
      }
    }
  }
}
Retrieves the current user's phone information by ID, along with a collection of links describing the operations that can be performed on the phone.
Example response
Unauthorized
Not Found
Not Acceptable (missing header)
{
  "id": "sms10ltpSdwXJCem80g4",
  "status": "VERIFIED",
  "profile": {
    "phoneNumber": "+1(333)333-3333"
  },
  "_links": {
    "self": {
      "hints": {
        "allow": [
          "GET",
          "DELETE"
        ]
      }
    },
    "challenge": {
      "hints": {
        "allow": [
          "POST"
        ]
      }
    }
  }
}
Deletes the current user's phone information by ID.
No Content
Unauthorized
Forbidden
Not Found
Not Acceptable (missing header)
{
  "errorCode": "E0000015",
  "errorSummary": "You do not have permission to access the feature you are requesting",
  "errorLink": "E0000015",
  "errorId": "oaeStOuPPxDRUm3PJhf-tL7bQ",
  "errorCauses": []
}
Sends a phone challenge using one of two methods: SMS or CALL. This request can also handle a resend challenge (retry).
Upon a successful challenge, the user receives a verification code by SMS or CALL. Send a POST request to the /idp/myaccount/phones/{id}/verify endpoint to use the verification code to verify the phone number. The verification code expires in five minutes.
Notes:
- Sending requests to the /idp/myaccount/phones/{id}/challenge endpoint more often than once every 30 seconds, or at a rate that exceeds the rate limit rule configured by the admin, returns a 429 (Too Many Requests) error.
Example response after challenging a phone
Bad Request
Unauthorized
Forbidden
Not Found
Not Acceptable (missing header)
Internal Server Error
{
  "method": "SMS"
}
{
  "_links": {
    "verify": {
      "hints": {
        "allow": [
          "POST"
        ]
      }
    }
  }
}
Verifies the phone number with the verification code that the user receives through SMS or CALL. The phone number is active upon a successful verification.
Notes:
- Sending requests to the /idp/myaccount/phones/{id}/verify endpoint at a rate that exceeds the rate limit rule configured by the admin returns a 429 (Too Many Requests) error.
No Content
Bad Request
Unauthorized
Forbidden
Not Found
Not Acceptable (missing header)
Conflict
{
  "verificationCode": "048284"
}
{
  "errorCode": "E0000001",
  "errorSummary": "Api validation failed: Method",
  "errorLink": "E0000001",
  "errorId": "oaejUwz8U5FQ_SyggQwz1kC3w",
  "errorCauses": [
    {
      "errorSummary": "Invalid method some_invalid_method in the request."
    }
  ]
}
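The challenge and verify operations described above, as an added Python example that is not part of the Okta documentation: it reads the _links hints from a phone object and applies the 30-second challenge interval and the five-minute code lifetime on the client side, so a client does not send requests the API would reject. ChallengeGate and next_step are hypothetical helper names, and the example assumes the code lifetime starts when the challenge is sent.

```python
import time

CHALLENGE_INTERVAL = 30  # seconds; faster challenge requests get a 429 (from the page)
CODE_TTL = 300           # seconds; the code expires in five minutes (from the page)

# Trimmed copies of the two phones in the page's list response.
SAMPLE_PHONES = [
    {"id": "sms10ltpSdwXJCem80g4", "status": "VERIFIED",
     "_links": {"self": {"hints": {"allow": ["GET", "DELETE"]}},
                "challenge": {"hints": {"allow": ["POST"]}}}},
    {"id": "sms18vrvVDDmi4Qlz0g4", "status": "UNVERIFIED",
     "_links": {"self": {"hints": {"allow": ["GET", "DELETE"]}},
                "challenge": {"hints": {"allow": ["POST"]}},
                "verify": {"hints": {"allow": ["POST"]}}}},
]

def allowed(phone, rel, method):
    """True if the phone's _links advertise `method` for link relation `rel`."""
    hints = phone.get("_links", {}).get(rel, {}).get("hints", {})
    return method in hints.get("allow", [])

class ChallengeGate:
    """Hypothetical per-phone timer for challenges this client has sent."""
    def __init__(self, clock=time.monotonic):
        self.clock, self.sent_at = clock, None

    def can_challenge(self):
        return self.sent_at is None or self.clock() - self.sent_at >= CHALLENGE_INTERVAL

    def record_challenge(self):
        if not self.can_challenge():
            raise RuntimeError("challenge sent less than 30 seconds ago; expect a 429")
        self.sent_at = self.clock()

    def code_live(self):
        # Assumption: the five-minute lifetime starts when the challenge is sent.
        return self.sent_at is not None and self.clock() - self.sent_at < CODE_TTL

def next_step(phone, gate):
    """Return (method, path) for the next request, or None if nothing should be sent."""
    base = f"/idp/myaccount/phones/{phone['id']}"
    if phone["status"] == "VERIFIED":
        return None
    if gate.code_live() and allowed(phone, "verify", "POST"):
        return ("POST", base + "/verify")
    if gate.can_challenge() and allowed(phone, "challenge", "POST"):
        return ("POST", base + "/challenge")
    return None
```

The gate only knows about challenges recorded through record_challenge; the admin-configured rate limit rule is enforced by the server and still needs 429 handling.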