Request OTP
The Request OTP API is used to request access to sensitive information. Calling this endpoint triggers a One‑Time Password (OTP) that is delivered to the cardholder via SMS. The OTP must be supplied on a subsequent Verify OTP request.
NOTE: An SMS message is always sent to the cardholder’s registered mobile number. If an email address is on file and email OTP is enabled, the OTP will also be sent to the registered email address.
✍️ Authentication Methods
Exactly one of the following authentication schemes must be supplied in the <AuthenticationDetails>
block.
Card Credentials
AuthCardNumber
PAN (16–19 digits)
âś“
AuthExpirationDate
YYYY‑MM
âś“
AuthDOB
YYYY‑MM‑DD
âś“
Date of birth on file
Cardholder Login
Username
String
âś“*
Use if the cardholder has self‑service credentials
Password
String
âś“*
*Only required when using the Login scheme
📥 Input Parameters
Purpose
Y
String (≤50)
Allowed value: Dispute Management
ID
Y
Numeric (1‑19)
RPID when IDType = RPID
IDType
Y
CardNumber
| RPID
| SavingAccount
Avoid CardNumber
here to prevent unencrypted storage
RequestedResult
Y
String (≤50)
Allowed: CardNumberCvv
, ChangeCardPin
đź’» Output Parameters
None
All values are returned inside <ResponseDetails>
đź“„ XML Samples
Card‑Credentials Authentication
<?xml version="1.0"?>
<PraxellXMLRequest>
<AuthenticationDetails>
<AuthCardNumber>*******************</AuthCardNumber>
<AuthExpirationDate>2028-03</AuthExpirationDate>
<AuthDOB>1996-11-28</AuthDOB>
</AuthenticationDetails>
<ServiceDetails>
<UniqueRequestId>9633-6955-1</UniqueRequestId>
<ServiceName>RequestOTP</ServiceName>
</ServiceDetails>
<Origin>
<OriginType>ExtAPI</OriginType>
</Origin>
<ServiceParams>
<Purpose>Dispute Management</Purpose>
<ID>1234565789</ID>
<IDType>RPID</IDType>
<RequestedResult>ChangeCardPin</RequestedResult>
</ServiceParams>
</PraxellXMLRequest>
<?xml version="1.0"?>
<PraxellXMLResponse>
<ResponseDetails>
<ServiceName>RequestOTP</ServiceName>
<SessionId>38097317201110064</SessionId>
<StatusCode>0</StatusCode>
<StatusName>StatusOK</StatusName>
<StatusDescription>OK</StatusDescription>
<ServiceDate>2025-05-29 05:10:40</ServiceDate>
<ServiceId>38097317201110064</ServiceId>
</ResponseDetails>
<ResponseParams/>
</PraxellXMLResponse>
<?xml version="1.0"?>
<PraxellXMLResponse>
<ResponseDetails>
<ServiceName>RequestOTP</ServiceName>
<SessionId>07071612200737105</SessionId>
<StatusCode>70029</StatusCode>
<StatusName>Data not found (cardholder not found)</StatusName>
<StatusDescription>Data not found (cardholder not found)</StatusDescription>
<ServiceDate>2025-05-29 05:12:50</ServiceDate>
<ServiceId>07071612200737105</ServiceId>
</ResponseDetails>
<ResponseParams/>
</PraxellXMLResponse>
Login‑Credentials Authentication (alternative)
<?xml version="1.0"?>
<PraxellXMLRequest>
<AuthenticationDetails>
<Username>jane.doe</Username>
<Password>Aq1!xyz123</Password>
</AuthenticationDetails>
<ServiceDetails>
<UniqueRequestId>984653217</UniqueRequestId>
<ServiceName>RequestOTP</ServiceName>
</ServiceDetails>
<Origin>
<OriginType>ExtAPI</OriginType>
</Origin>
<ServiceParams>
<Purpose>Dispute Management</Purpose>
<ID>1234567890</ID>
<IDType>RPID</IDType>
<RequestedResult>ChangeCardPin</RequestedResult>
</ServiceParams>
</PraxellXMLRequest>
ℹ️ Use the returned SessionId when calling VerifyOTP. The OTP expires after 10 minutes.
For additional error codes see the Common Errors section of the API reference.
Last updated