Try   HackMD

API Endpoints for a secure Wire Transfer

For this exercise, I am assuming:

  • The user already signed up with enrolled and validated factors for authentication
  • This API is based on RESTful principles
  • Responds with JSON messages
  • Provides search, pagination, sorting, and filtering

API Endpoints

Multi Factor Authentication

Enroll authenticators

SMS or voice
One-time password (OTP)
Push
Email
Devices

List enrolled factors

GET /api/users/:id/devices

Verify a factor

POST /api/users/:id/verifications/:verification_id>

Delete a factor

DELETE /api/users/:user_id/devices/:device_id

Generate a MFA token

(for acount recovery purposes)

POST /api/users/:user_id/mfa_token

Transfers

POST /api/transfers
GET /api/transfers/:transfer_id
POST /api/transfers/:transfer_id
GET /api/transfers

Attributes

id (String)

amount integer (in cents) REQUIRED

currency currency (ISO currency code) REQUIRED

destination (String) REQUIRED

description (String) optional

metadata hash optional

CREATE A TRANSFER

POST /api/transfers

LIST TRANSFERS

GET /api/transfers/

GET A TRANSFER

GET /api/transfers/:transfer_id

UPDATE A TRANSFER

Only non-mandatory fields might be updated

PUT /api/transfers/:transfer_id