Registration verification is the optional process of verifying a member's account details before attempting to register it. For example, this endpoint will allow your login screen to first check if an account exists before prompting for the user's password (if registered account does exist) or forwarding them to your registration screen (if registered account does not exist).\

Verification Statuses

When attempting to verify an account, there are a number of different statuses that may be returned. Keep in mind that the implementation and specific requirements for a given client or the status of the account may change the amount of information required, so your process should not anticipate every request returning the same result from member to member.\

Multifactor Authentication

Receiving a mfarequired status

When a status of mfarequired is returned, the member must confirm a code that is sent to them via sms, email, or phone. Recuro Health will automatically send the code when you receive the mfarequired status. You can inform the member where the code was sent by referencing the MFACommunication object found within the MultiFactorAuthSubmission returned with the response.

Example verification request

{
    "MemberId": "abc123",
    "LastName": "Doe",
    "DateOfBirth": "05/12/1972",
    "EmailAddress": "[email protected]",
    "PhoneNumber": null,
    "MFAVerification": null,
    "Password": null
}

Example mfarequired response

{
	"Status": "mfarequired",
	"UserId": null,
	"MultiFactorAuthSubmission": {
		"MFACommunication": {
			"DeliveryMethod": "sms",
			"MaskedToAddress": "********1234"
		},
		"Status": "pending",
		"Expiration": "2021-04-29T07:48:28Z",
		"RequestCode": "RitEQVozaWRjLzNGM1E5dVQyN0hBT3VZUzJvRXQrbT..."
	},
	"MultiFactorAuthAlternatives": []
}

It's also possible for multiple delivery methods to be available to the member depending on the amount of information Recuro Health has for the member's account already. If additional methods of delivery are available, they will present themselves in the MultiFactorAuthAlternatives object. If the member would like to use one of these methods instead, submit the request again and populate the mfacommunicationmethod query parameter with the chosen delivery method.

Example mfarequired response with alternative delivery methods

{
	"Status": "mfarequired",
	"UserId": null,
	"MultiFactorAuthSubmission": {
		"MFACommunication": {
			"DeliveryMethod": "sms",
			"MaskedToAddress": "********1234"
		},
		"Status": "pending",
		"Expiration": "2021-04-29T07:48:28Z",
		"RequestCode": "RitEQVozaWRjLzNGM1E5dVQyN0hBT3VZUzJvRXQrbT..."
	},
	"MultiFactorAuthAlternatives": [
		{
			"DeliveryMethod": "phone",
			"MaskedToAddress": "********1234"
		},
		{
			"DeliveryMethod": "email",
			"MaskedToAddress": "an*******[email protected]"
		}
	]
}

Completing the MFA request

To complete the MFA process, take the RequestCode and return it with the member's inputted ResponseCode in the follow-up verification request.

Example request including the MFAVerification

{
    "MemberId": "abc123",
    "LastName": "Doe",
    "DateOfBirth": "05/12/1972",
    "EmailAddress": "[email protected]",
    "PhoneNumber": null,
    "MFAVerification": {
		"RequestCode": "RitEQVozaWRjLzNGM1E5dVQyN0hBT3VZUzJvRXQrbT...",
		"ResponseCode": "123456"
	},
    "Password": null
}

Request

POST/user/v1/member/registration/verify\

Query Parameters

Indicates if the account should be immediately registered if a successful verification takes place. Default value is false. If you choose to not register using this endpoint, you will need to use the /register endpoint to complete the process.

Specifies a specific delivery method for multifactor authentication.

Payload Properties

The unique identifier assigned to the member by Recuro Health or the client. Required if registeronmatchfound is true.

The last name of the member as it appears in Recuro Health's system.

The member's date of birth.

The member's email address. Required if registeronmatchfound is true.

The member's mobile phone number.

The MFA object containing confirming the member's identity.

The code that was listed in the MultiFactorAuthSubmission in the response from the API.

The code that was sent to the member.

The member's chosen password. Required if registeronmatchfound is true.

Example:

curl -XPOST 'https://platform.wellviasolutions.com/user/v1/member/registration/verify?registeronmatchfound=false&mfadeliverymethod=email' \
    -u 'Bearer:{your_token}'
    -d 'MemberId=abc123'
    -d 'LastName=Doe'
    -d 'DateOfBirth=05/12/1972'
    -d 'PhoneNumber='
    -d 'MFAVerification='
    -d 'Password='

POST https://platform.wellviasolutions.com/user/v1/member/registration/verify?registeronmatchfound=false&mfadeliverymethod=email HTTP/1.1

{
    "MemberId": "abc123",
    "LastName": "Doe",
    "DateOfBirth": "05/12/1972",
    "EmailAddress": "[email protected]",
    "PhoneNumber": null,
    "MFAVerification": null,
    "Password": null
}

using WellViaSDK.Member;
using WellViaSDK.Core.Dictionaries;

// Config and credentials outlined in earlier examples
var _memClient = new WellViaMemberServiceClient(config, credentials);

var regRequest = new RegistrationVerificationCreate(memberId: "abc123", lastName: "Doe", dateOfBirth: "05/12/1972", emailAddress: "[email protected]", phoneNumber: null, mfaVerification: null, password: null);
var regResult = await _memClient.VerifyRegistrationAsync(request: regRequest, registerOnMatchFound: false, mfaDeliveryMethod: CommunicationMethod.Email);

Response

A Registration object if a valid request was provided.