POST
/
api
/
v1
/
authenticate

Authorizations

X-Client-Secret
string
headerrequired

Contact Mesh to get client Secret

X-Client-Id
string
headerrequired

Contact Mesh to get client Id

Query Parameters

userId
string
required

Id of the end-user

Body

application/json
type
enum<string>
required
Available options:
robinhood,
eTrade,
alpaca,
tdAmeritrade,
weBull,
stash,
interactiveBrokers,
public,
coinbase,
kraken,
coinbasePro,
cryptoCom,
openSea,
binanceUs,
gemini,
cryptocurrencyAddress,
cryptocurrencyWallet,
okCoin,
bittrex,
kuCoin,
etoro,
cexIo,
binanceInternational,
bitstamp,
gateIo,
acorns,
okx,
bitFlyer,
coinlist,
huobi,
bitfinex,
deFiWallet,
krakenDirect,
vanguard,
binanceInternationalDirect,
bitfinexDirect,
bybit,
paxos,
coinbasePrime,
btcTurkDirect,
kuCoinDirect,
okxOAuth,
paribuDirect,
robinhoodConnect,
blockchainCom
phone
string | null
username
string | null
password
string | null
tradePin
string | null
countryInfo
object
challengeId
string | null
challengeCode
string | null
challengeType
string | null
challengeAnswer
string | null

Used to provide answers to security questions

mfaCode
string | null
mfaType
enum<string>
Available options:
phone,
email,
totp,
phoneAndEmail,
requireNextSecurityQuestion,
readEmail,
face,
tradingPin,
qrCode,
password
deviceInfo
string | null
webData
string | null
authFlowStep
enum<string>
Available options:
loginPassword,
mfaFlow,
faceVerification,
createAPIKey,
loginQrCode
key
string | null
authToken
string | null
redirectLink
string | null
confirmationEmail
string | null
isSensitiveFieldsEncrypted
boolean

Indicates whether the sensitive fields in this request are encrypted. When set to true, the following fields should be encrypted using Base64 encoding:

  • Username
  • Password
  • Phone
  • TradePin
  • ChallengeAnswer
  • MfaCode
  • DeviceInfo
  • ConfirmationEmail

Base64 encoding is used to encode these fields into a format that can be safely transmitted and stored.

Response

200 - application/json
status
enum<string>
Available options:
ok,
serverFailure,
permissionDenied,
badRequest,
notFound,
conflict,
tooManyRequest,
locked,
unavailableForLegalReasons
message
string | null

A message generated by the API

displayMessage
string | null

User-friendly display message that can be presented to the end user

errorType
string | null

Strictly-typed error type that is explaining the reason of an unsuccessful status of the operation. All possible error types are available in the documentation.

errorData
any | null
content
object
Get authentication schemesGet OAuth authentication link