Connect

Connect your application to the mobile network for real-time fraud detection and frictionless authentication. Query SIM swap, call forwarding, and device swap signals before every sensitive action — or go fully passwordless with Silent Authentication, which verifies users automatically in the background without sending a single OTP. Simple API calls, no user interaction required.

API Reference

Appendix A — cURL Examples

A.1 GET /oauth2/authorize

GET https://api.tyntec.com/silent-auth/v1/oauth2/authorize
  ?response_type=code
  &client_id=client
  &state=xyz12345
  &scope=openid%20tt%3Aphone_verify
  &redirect_uri=https%3A%2F%2Fclient.example.com%2Fcallback
  &login_hint=301234567890

HTTP/1.1 302 Found
Location: https://client.example.com/callback?code=<code>&state=xyz12345

HTTP/1.1 302 Found
Location: https://client.example.com/callback
  ?error=<error>
  &error_description=<error_description>
  &state=xyz12345

A.2 POST /oauth2/token

POST https://api.tyntec.com/silent-auth/v1/oauth2/token
Content-Type: application/x-www-form-urlencoded
apiKey: <apiKey>

grant_type=authorization_code
&code=kgoV1pFxi1EIlocesrMcia6AhNyw6...
&redirect_uri=https%3A%2F%2Fclient.example.com%2Fcallback
&client_id=client
&client_secret=12345

{
  "access_token": "eyJraWQiOiIyYzc5NDNmMy00YzIyLTQ5...",
  "refresh_token": "DawkDPIXqUDqyjHfzcifAsc8gvL1jBys...",
  "id_token": "eyJraWQiOiIyYzc5NDNmMy00YzIyLTQ5MzUtO...",
  "scope": "openid tt:mobile_id",
  "token_type": "Bearer",
  "expires_in": 86399
}

A.3 GET /oauth2/userinfo

GET https://api.tyntec.com/silent-auth/v1/oauth2/userinfo
Authorization: Bearer <access_token>

Success — phone number verified
{
  "sub": "99dd91d1-c949-433c-bd9e-0682eb6d6d26",
  "mobile_id": "2d83f2c1f618313f4b24516913d4e45e00ee289...",
  "login_hint": "381123456789",
  "phone_number_verified": "true"
}

Verification failed (MSISDN did not match)
{
  "sub": "anonymous",
  "mobile_id": "2d83f2c1f618313f4b24516913d4e45e00ee289...",
  "login_hint": "381123456789",
  "phone_number_verified": "false"
}
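The client-side checks this flow depends on, as an added example that is not part of the original reference and is not tyntec code: the callback's state is compared with the value the session issued before the code is used, and the userinfo result is accepted only when the string flag is exactly "true" and login_hint is the number that was requested. The function names, SAMPLE_CODE and the trimmed sample bodies are constructed for illustration, and treating sub "anonymous" as a failure is an assumption drawn from the failed sample above.

```python
import hmac
import json
from urllib.parse import parse_qs, urlsplit

# Constructed sample inputs, modelled on the A.1 and A.3 examples above.
OK_CALLBACK = "https://client.example.com/callback?code=SAMPLE_CODE&state=xyz12345"
ERR_CALLBACK = ("https://client.example.com/callback?error=missing_login_hint"
                "&error_description=Scope+requires+login_hint+but+not+provided"
                "&state=xyz12345")
USERINFO_OK = ('{"sub": "99dd91d1-c949-433c-bd9e-0682eb6d6d26",'
               ' "login_hint": "381123456789", "phone_number_verified": "true"}')
USERINFO_FAIL = ('{"sub": "anonymous",'
                 ' "login_hint": "381123456789", "phone_number_verified": "false"}')


class VerificationError(Exception):
    """The Silent Authentication result must not be trusted."""


def parse_callback(callback_url, expected_state):
    """Return the authorization code from the redirect, or raise."""
    params = parse_qs(urlsplit(callback_url).query)
    state = params.get("state", [""])[0]
    # Reject redirects whose state is not the one this session issued.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise VerificationError("state mismatch")
    if "error" in params:
        description = params.get("error_description", [""])[0]
        raise VerificationError(f"{params['error'][0]}: {description}")
    code = params.get("code", [""])[0]
    if not code:
        raise VerificationError("callback carries no authorization code")
    return code


def is_phone_verified(userinfo_body, expected_msisdn):
    """True only if userinfo confirms the number this session asked about."""
    info = json.loads(userinfo_body)
    # The flag is the JSON string "true"/"false"; bool("false") is True,
    # so compare against the literal rather than relying on truthiness.
    if info.get("phone_number_verified") != "true":
        return False
    # Assumption: sub "anonymous" (seen in the failed sample) never counts.
    if info.get("sub") == "anonymous":
        return False
    # Bind the result to the number sent as login_hint in /authorize.
    return info.get("login_hint") == expected_msisdn
```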

Appendix B — Error Code Reference

B.1 /oauth2/authorize — error codes

| error | error_description |
| --- | --- |
| invalid_client_id_request | A required OAuth 2.0 parameter is missing or invalid. |
| missing_scope | A required OAuth 2.0 scope parameter is missing |
| insufficient_scope | Only openid scope requested, while custom scope is also required |
| unsupported_scope | The requested scope is unknown, malformed, or exceeds permitted scope. |
| missing_login_hint | Scope requires login_hint but not provided |
| server_error | Unexpected server error |

B.2 /oauth2/token — error codes

{
  "error": "invalid_request",
  "error_description": "Client specified an invalid argument, request body or query param."
}

| Status | Code | Message |
| --- | --- | --- |
| 400 | invalid_request | Client specified an invalid argument, request body or query param. |
| 401 | invalid_client | Request not authenticated due to missing, invalid, or expired credentials. A new authentication is required. |
| 403 | permission_denied | Client does not have sufficient permissions to perform this action. |
| 500 | internal_server_error | Request could not be processed. |

B.3 /oauth2/userinfo — error codes

| Status | Code | Message |
| --- | --- | --- |
| 401 | invalid_client | Request not authenticated due to missing, invalid, or expired credentials. A new authentication is required. |
| 403 | permission_denied | Client does not have sufficient permissions to perform this action. |
| 500 | internal_server_error | Request could not be processed. |