Authenticate user's account

Authorizations

X-Client-Secret

string

header

required

Contact Mesh to get client Secret

X-Client-Id

string

header

required

Contact Mesh to get client Id

Query Parameters

userId

string

required

Id of the end-user

Maximum length: 50

Body

application/json

type

enum<string>

required

Available options:

robinhood,

eTrade,

alpaca,

tdAmeritrade,

weBull,

stash,

interactiveBrokers,

public,

coinbase,

kraken,

coinbasePro,

cryptoCom,

openSea,

binanceUs,

gemini,

cryptocurrencyAddress,

cryptocurrencyWallet,

okCoin,

bittrex,

kuCoin,

etoro,

cexIo,

binanceInternational,

bitstamp,

gateIo,

acorns,

okx,

bitFlyer,

coinlist,

huobi,

bitfinex,

deFiWallet,

krakenDirect,

vanguard,

binanceInternationalDirect,

bitfinexDirect,

bybit,

paxos,

coinbasePrime,

btcTurkDirect,

kuCoinDirect,

okxOAuth,

paribuDirect,

robinhoodConnect,

blockchainCom,

bitsoDirect,

binanceConnect,

binanceOAuth,

revolutConnect,

binancePay,

bybitDirect

authFlowStep

enum<string>

Available options:

loginPassword,

mfaFlow,

faceVerification,

createAPIKey,

loginQrCode

authToken

string | null

challengeAnswer

string | null

Used to provide answers to security questions

challengeCode

string | null

challengeId

string | null

challengeType

string | null

confirmationEmail

string | null

countryInfo

object

deviceInfo

string | null

isSensitiveFieldsEncrypted

boolean

Indicates whether the sensitive fields in this request are encrypted. When set to true, the following fields should be encrypted using Base64 encoding:

Username
Password
Phone
TradePin
ChallengeAnswer
MfaCode
DeviceInfo
ConfirmationEmail

Base64 encoding is used to encode these fields into a format that can be safely transmitted and stored.

isTryingAnotherWay

boolean

Flag indicating that the user is attempting to switch to the next available 2FA method (e.g., Email, Google Authenticator) after failing to complete or canceling the current verification method (e.g., Roaming 2FA).

This field is primarily used for Robinhood and BinanceInternationalDirect on the DeviceConfirmationPage when a user clicks the "Try Another Way" button. It informs the backend to move to the next MFA method instead of retrying the current one.

key

string | null

mfaCode

string | null

mfaType

enum<string>

Available options:

phone,

email,

totp,

phoneAndEmail,

requireNextSecurityQuestion,

readEmail,

face,

tradingPin,

qrCode,

password,

roaming,

mobile

password

string | null

phone

string | null

redirectLink

string | null

tradePin

string | null

username

string | null

webData

string | null

Response

200 - application/json

content

object

content.accessToken

string | null

deprecated

content.account

object

deprecated

content.accountTokens

object[] | null

content.allocatedIPAddress

string | null

content.authFlowStep

enum<string>

The AuthFlowStep is used to determine which state the authentication is in, for initial requests without MFA verification the value should be LoginPassword and when calling with MFA code it should be MfaFlow (currently used for BinanceInternationalDirect only).

Available options:

loginPassword,

mfaFlow,

faceVerification,

createAPIKey,

loginQrCode

content.challengeExpiresInSeconds

integer | null

Life span of the challenge

content.challengeId

string | null

Id of the challenge, relevant when the status is ChallengeIssued

content.challengeText

string | null

content.displayMessage

string | null

content.email

string | null

content.errorMessage

string | null

content.expiresInSeconds

integer | null

content.mfaType

enum<string>

Available options:

phone,

email,

totp,

phoneAndEmail,

requireNextSecurityQuestion,

readEmail,

face,

tradingPin,

qrCode,

password,

roaming,

mobile

content.qrCode

string | null

Qr code used to scan and solve facial verification (currently used for BinanceInternationalDirect only).

content.qrCodeLink

string | null

content.qrCodeLinkIOS

string | null

content.refreshToken

string | null

deprecated

content.refreshTokenExpiresInSeconds

integer | null

content.requiresReauthentication

boolean | null

content.status

enum<string>

Status of the request

Available options:

failed,

challengeFailed,

succeeded,

challengeIssued,

mfaRequired,

openInBrokerModule,

delayed,

deviceConfirmationRequired,

emailVerification,

emailReceived,

captchaChallenge,

faceVerification,

bindMfaRequired,

apiKeyGenerationError,

qrCodeRequired,

qrCodeExpired,

deviceLoginVerified

displayMessage

string | null

User-friendly display message that can be presented to the end user

errorData

any | null

errorType

string | null

Strictly-typed error type that is explaining the reason of an unsuccessful status of the operation. All possible error types are available in the documentation.

message

string | null

A message generated by the API

status

enum<string>

Available options:

ok,

serverFailure,

permissionDenied,

badRequest,

notFound,

conflict,

tooManyRequest,

locked,

unavailableForLegalReasons