Bit Capital

The Bit Capital Developer Hub

Welcome to the Bit Capital developer hub. You'll find comprehensive guides and documentation to help you start working with the platform as quickly as possible, as well as support if you get stuck. Let's jump right in!


Authorize using SMS


Legacy Warning

Using SMS for Two-factor is considered e legacy feature. It is widely unsafe as it relies on the network provider and GSM technologies to ensure security. It also delivers a terrible user experience as the messages may take a lot of time to arrive, resulting in users frequently receiving expired tokens.

You should consider migrating to Google Authenticator. For more information, contact the integration support.

Before you begin, make sure you have a valid Consumer account with at least one verified mobile Phone number. For more information checkout the Phone Verification guide.

Enabling Two Factor Authorization

Start by configuring your two-factor secret generation. It will handle safely all your One Time Passwords (OTP) using .a robust security approach.

// Configure user account for 2FA secret generation
await bitcapital.twoFactor().configure({
  type: 'sms',
  // A sample user ID
  user: 'aa316e7b-54ca-4843-bad3-da9b03c96dda'

Sending One Time Passwords (OTPs)

With a valid User account, previously configured for Two Factor over SMS, send a token using the User ID.

// Sends OTP token over SMS
await bitcapital.twoFactor().sms({
  user: 'aa316e7b-54ca-4843-bad3-da9b03c96dda'

Authorizing requests using OTPs

Once enabled, you'll need to authorize some requests to the API using an OTP, previously sent over SMS. This token has an expiration period and cannot be used more than once.

Use it as a x-bitcapital-otp header in the needed API actions.

const reqOptions = {
  headers: 'x-bitcapital-otp': '123456'

const source = '9b1d1baa-a7a6-4cd9-ac40-616514d548b7';

// Pay 100 BRLD to Bob
const bob = {
  asset: 'root', // 'root' for BRLD, or the asset code
  amount: '100',
  destination: '82b24cfc-8421-419c-9ff8-333d0e91cdaa', // Bob Wallet ID

// Perform P2P transaction
const transaction = await bitcapital.payments()
  .pay({ source, recipients: [bob]}, reqOptions);

Legacy Mode

As legacy mode, you can use Phone Verification token as the X-Bitcapital-OTP header to authorize payments and financial operations for consumers in selected instances where this is enabled.

Updated 11 months ago

Authorize using SMS

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.