Login Process

The login system supports multiple login methods, including personal and business logins, email/phone number logins, password/verification code logins, and third-party login services. Additionally, it

Features

Personal/Business Login: Supports login needs for both personal and business users.
Email/Phone Number Login: Users can choose to log in using either email or phone number.
Password/Verification Code Login: Provides both password login and verification code login methods.
Third-Party Login: Supports third-party logins from Google, Facebook, Twitter, Telegram, Apple, and MetaMask.
Google MFA Authentication: Enhances account security by supporting Google MFA authentication.

Relevant Interfaces

Login Interface
- Endpoint: /login/customer.app.CustomerWebApiService.login
- Function: Handles user login requests.
- Note: The login password must be transmitted in MD5 encrypted format; plain text transmission is prohibited.
Country/Region Query Interface
- Endpoint: /global/config.app.AppDictDubboService.getCountryListByParentCode
- Function: Queries the country and region list based on country codes.
Supported Countries for Business Account Opening
- Endpoint: /global/customer.app.KycWebApiService.findCompanyCountry
- Function: Retrieves the list of countries that support business account openings.
Customer Information Verification Interface
- Endpoint: /global/customer.app.CustomerWebApiService.checkStatus
- Function: Checks whether customer information is valid.
Send Verification Code Interface
- Endpoint: /global/message.app.VerificationApiService.verifyCodeSend
- Function: Sends a verification code to the user.
Check Google MFA Status Interface
- Endpoint: /global/customer.app.CustomerWebApiService.checkGoogleMFAStatus
- Function: Checks if the customer has enabled Google MFA.

Interface Usage Instructions

Before calling the interfaces, please ensure you have carefully read the relevant interface documentation. Below are specific instructions for different login methods:

Email Login

Login

Use the login interface, passing in loginName, loginPwd, and type parameters.

{
  // User login name, supports email or phone number format
  "loginName": "[email protected]",               

  // User login password (transmitted in MD5 encrypted format, plain text transmission is prohibited)
  "loginPwd": "3e20062d9a45df86f2180cfc68580aaa", 

  // Login type: 1 for email login, 2 for phone number login
  "type": 1                                
}

Note: The login password must be MD5 encrypted before transmission; plain text transmission is prohibited.

Phone Number Login

Get Country Code Data
- Call the country/region query interface to obtain the country code data.

Login

Use the login interface, passing in loginName, loginPwd, type, and phoneArea parameters. Refer to the interface documentation for specific parameter descriptions.

{
  // User login name: phone number
  "loginName": "68423752",               

  //  User login password: transmitted in MD5 encrypted format, plain text transmission is prohibited
  "loginPwd": "3e20062d9a45df86f2180cfc68580aaa", 

  // Login type: 2 for phone number login
  "type": 2,                            

  // Country code: obtained from the country list interface, e.g., "+852"
  "phoneArea": "+852"                   
}

Verify Customer Information

Use the customer information verification interface to ensure the account exists.

{
  // User login name: phone number
  "loginName": "68423752",              

  // Login type: 2 for phone number login
  "type": 2                             
}

Send Verification Code

Call the send verification code interface to obtain a ticket for successful code sending (sendToken).

{
  // Business type: EMAIL_LOGIN_VERIFICATION_CODE for email login verification code, SMS_LOGIN_VERIFICATION_CODE for SMS login verification code
  "bizType": "SMS_LOGIN_VERIFICATION_CODE",

  // User receiving target: phone number should include country code, e.g., "+852 68423752" or email address, e.g., "[email protected]"
  "toUser": "+852 68423752"
}

Complete Login

Use the login interface, passing in loginName, type, phoneArea, sendToken, and verifyCode parameters. Refer to the interface documentation for specific parameter descriptions.

{
// User login name: mobile phone number
"loginName": "68423752",

// Login type: 2 means login using mobile phone number
"type": 2,

// Country code: for example "+852", used to ensure that the mobile phone number format is correct
"phoneArea": "+852",

// Verification code sending ticket: obtained after sending the verification code, used for verification
"sendToken": "ac233902-e270-4c23-98b1-c10f431b1474",

// Verification code: verification code entered by the user, used to complete the login
"verifyCode": "452330"
}

Note:
- Account Verification: The account must be verified before sending the verification code.
- Verification Code Ticket: The sendToken parameter is the ticket returned after successfully sending the verification code, used to verify the validity of the code.

3. Google MFA Authentication

Check if the User Has Enabled Google MFA
- Use the check Google MFA status interface, which will return an integer indicating the user's Google MFA status; a value greater than 0 means enabled, otherwise it means disabled.

Login Interface (with Google MFA support)

Use the login interface, passing in loginName, type, phoneArea, and googleCode parameters. Refer to the interface documentation for specific parameter descriptions.

{
// User login name: mobile phone number
"loginName": "68423752",

// Login type: 2 means login using mobile phone number
"type": 2,

// Country code: for example "+852", used to ensure that the mobile phone number format is correct
"phoneArea": "+852",

// Google verification code: 6-digit dynamic verification code obtained by the user from Google Authenticator
"googleCode": "234512"
}

Note: googleCode is the 6-digit code obtained from Google Authenticator, used for MFA verification.

Frequently Asked Questions

What is the validity period of the token returned after a successful login?

Token Validity: The token returned after a successful login is valid for 2 hours.
Automatic Renewal: If a request is received within the 2-hour validity period, the token will be automatically renewed for another 2 hours.

PreviousCaptcha NextRegister Process

Last updated 1 year ago

Features

Relevant Interfaces

Interface Usage Instructions

1. Password Login

2. Verification Code Login

3. Google MFA Authentication

Frequently Asked Questions