GET /api/businesses/{BusinessID}/challenges
Returns information about the security challenge questions set up for a business.
Authorization Roles/Permissions: None. Login is not required, since one use of this operation is to help a user to log in.
Note: The CSRF header is not required for this operation even when CSRF prevention is turned on in the platform for READ requests.
This topic includes the following sections:
HTTP Method
GET
URL
https://{hostname}/api/api/businesses/{BusinessID}/challenges
Sample Request
The example below shows a request for the challenges for the specified business
Sample Request URL
https://{hostname}/api/api/businesses/tenantbusiness.acmepaymentscorp/challenges[?IncludeInactive=true]
Sample request headers
Accept: application/json
Sample request body
Not applicable.
Request Headers
For general information on request header values, refer to HTTP Request Headers.
| Header | Description |
|---|---|
| Accept |
application/json, application/xml application/vnd.soa.v71+json, application/vnd.soa.v71+xml application/vnd.soa.v72+json, application/vnd.soa.v72+xml application/vnd.soa.v80+json, application/vnd.soa.v80+xml application/vnd.soa.v81+json, application/vnd.soa.v81+xml application/vnd.soa.v84+xml |
| Cookie | AtmoAuthToken_{fedmemberid}={cookie value, which usually starts with TokenID}—The platform cookie. This is the Akana API Platform authorization token, and must be sent with every API request that requires login. For more information and an example, see Session cookies. |
| X-Csrf-Token_{fedmemberID} | The CSRF prevention header; may or may not be required, depending on platform settings. See CSRF Prevention on the Platform. By default, the CSRF header is not required for GET operations and is required for all others, with a few exceptions relating to user login. |
Request Parameters
| Parameter | Parm Type | Data Type | Required | Description |
|---|---|---|---|---|
| BusinessID | Path | string | Required | The unique ID for a specific business organization on the platform. |
| IncludeInactive | Query | Boolean | Optional | Indicates whether inactive challenges should be included in the response. Default: false. |
Response
If successful, this operation returns HTTP status code 200, with information about the challenge questions set up for the business.
Sample Response
The sample response below shows successful completion of this operation. There are four challenge questions.
Sample response headers: application/json
Status Code: 200 OK Content-Type: application/json Date: Tue, 23 Jan 2018 20:18:14 GMT
Sample response body: application/json
{
"Challenge":[
{
"ChallengeCode":"com.soa.challenge.question.city.birth",
"ChallengeQuestion":"What is the city of your birth?",
"Active":true
},
{
"ChallengeCode":"com.soa.challenge.question.color",
"ChallengeQuestion":"What is your favorite color?",
"Active":true
},
{
"ChallengeCode":"com.soa.challenge.question.mothers.name",
"ChallengeQuestion":"What is your mother's maiden name?",
"Active":true
},
{
"ChallengeCode":"com.soa.challenge.question.pet",
"ChallengeQuestion":"What is the name of your pet?",
"Active":true
}
]
}
Response Headers
For general information on response header values, refer to HTTP Response Headers.
| Header | Description |
|---|---|
| Content-Type | application/json, application/xml, application/vnd.soa.v71+json, application/vnd.soa.v71+xml, application/vnd.soa.v72+json, application/vnd.soa.v72+xml, application/vnd.soa.v80+json, application/vnd.soa.v80+xml, application/vnd.soa.v81+json, application/vnd.soa.v81+xml |
Response Body
| Name | Type | Description |
|---|---|---|
| Challenges | Challenges | Contains information about one or more business challenges (security questions and answers). |
Error Codes/Messages
If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.
| Item | Value |
|---|---|
| 500 | An error occurred processing the call. |
More information about Akana API Platform API error messages.
