API Reference

Learn how to access UNLOQ end points

POST /actions

Creates a new authorisation action for application.

POST https://api-authenticator.iwelcome.com/v1/actions
   Authorization: Bearer {your application API Key}
   Content-Type: application/json
Body Parameters
  • code (string, required) - Application-level unique action code containing only alpha-numeric characters, "_" and "-", with maximum 20 characters.
  • title (string, required) - Action title that should offer a small description regarding the authorisation. Maximum length of 35 characters
  • message (string, required) - A summary describing the authorisation as well as its intentions. The length of the message must not exceed 100 characters.
  • approve (string) - The "Approve" button text. Must not exceed 10 characters
  • deny (string) - The "Deny" button text. Must not exceed 10 characters
Result format (200 OK)
  "type": "api.application.action.create",
  "result": {
    "id": "123456abcdefg",
    "action": {
      "code": "example",
      "title": "Oh my it's the example action",
      "message": "This message is very boring"
    "variables": [],
    "button": {
      "approve": "Sure",
      "deny": "Neah"
    "is_active": true,
    "application_id": "1234",
    "created_at": "2016-11-15T11:52:30.000Z",
    "updated_at": "2016-11-15T11:52:30.000Z"

Both the title and the message of an authorisation action are dynamic, meaning that when you define the title and message text, you can make use of variables prefixed with the dollar sign $

A quick example:

code = welcome
Title = "Welcome, $name !"
Message = "All you have to do now is confirm your phone: $phone"
POST /authorize/welcome
 - ref={your transaction reference}
 - name="Jane"
 - phone="+021000000"
=> "Welcome, Jane !", "All you have to do now is confirm your phone: +021000000"
Node.js example code
// The following code will create an authorisation request that will contain two
// variables: $amount and $company. These will be replaced when using this
// action in an authorisation request.
var request = require('request');
var apiKey = 'YOUR-API-KEY';
   url: 'https://api-authenticator.iwelcome.com/v1/actions',
   headers: {
     'Authorization: 'Bearer' + apiKey
   form: {
     code: 'demo-code',
     title: 'Approve $amount?',
     message: 'You have a pending transaction of $$amount. Proceed with payment for $company?',
     approve: 'Yes',
     deny: 'Cancel'

Have a question? You can always send us an email at support@unloq.io, or contact us on chat.

For security related concerns, please visit our Security page.