The Sign In Intermediary API signs in an intermediary (i.e. creates a new user session). This API should be used when an intermediary is signing in to a user account that has already been created.
This API can also be used to re-sign an existing access token (for an intermediary that already signed in). In that case, you'll also pass the accountRefreshToken header parameter but leave the request body empty.
After this step is complete, they will be signed in. You can add additional logic to your sign-in flow, including multi-factor phone authentication and email verification, by referring to response header. The header contains two fields encoded in the x-digifi-account JSON base64 string: isEmailNotVerified and isMfaIncomplete. These will either be true or undefined (no falsy value). Check these flags to optionally enforce phone authentication or email verification.
You can specify refresh token expiration time using refreshTokenExpirationTimeMinutes body param. By default it equals to "30" (minutes). Min value is 30 (a half an hour), Max value is 10080 (1 week).
You don't need to pass this parameter when you re-sign an existing access token (using refresh token).
Make sure to add this parameter to each API call
Create Account
Create Account (Accept Invitation)
Sign In (Create Session)
Please note the following validations:
- An intermediary user account should exist.
- The password should match the user's account password. (if you are using email/password option)