Participant APIs | REST

Selected Version:
Download Open API File

Perform authentication analysis

https://api.wealthcare.com/participant/securelogon/analyze/{user}

Analyzes authentication attempts for a specific user to enhance security and identify potential risks.

Request

Path parameters

Path parameters page anchor
  • user string Required

    User Name

Query parameters

Query parameters page anchor
  • decrypt integer <int32>

    Indicate if the URI parameters are encrypted or not. Use 1 for encrypted, 0 for decrypted (default is 0). This affects how the API interprets the incoming identifiers.

Request body

Request body page anchor
  • EventType enum<string>
    Possible values: SESSION_SIGNIN FAILED_LOGIN_ATTEMPT ENROLL UPDATE_USER CREATE_USER OLB_ENROLL FAILED_OLB_ENROLL_ATTEMPT ACTIVATE_CARD OPEN_NEW_ACCOUNT REQUEST_CREDIT ADD_PAYEE EDIT_PAYEE PAYMENT DEPOSIT STOCK_TRADE OPTIONS_TRADE CHANGE_LOGIN_ID CHANGE_EMAIL CHANGE_PHONE CHANGE_ADDRESS CHANGE_PASSWORD CHANGE_LIFE_QUESTIONS FAILED_CHANGE_PASSWORD_ATTEMPT CHANGE_ALERT_SETTINGS CHANGE_STATEMENT_SETTINGS CHANGE_AUTH_DATA SEND_SECURE_MESSAGE READ_SECURE_MESSAGE VIEW_CHECK VIEW_STATEMENT REQUEST_CHECK_COPY REQUEST_STATEMENT_COPY REQUEST_CHECKS REQUEST_NEW_CARD REQUEST_NEW_PIN EXTRA_AUTH USER_DETAILS CLIENT_DEFINED WITHDRAW CARD_PIN_CHANGE
  • IpAddress string

    The IP address from the user's device

  • HardwareId string

    Hardware Id(Mobile field)

  • SimId string

    Sim Id(Mobile field)

  • OtherId string

    Other Id(Mobile field)

  • CallerId string

    Identifier used to authenticate the caller initialing the message

  • CustomEvent string

    Any custom defined event not included in the pre-defined RSA EventType enum. If the custom event type is stand-alone, the EventType must also be specified as CLIENT_DEFINED

  • DevicePrint string

    Encapsulates all parameters obtained by device fingerprint gathering code

  • CustomFacts array <object>

    Custom facts

    • FactName string
    • FactDataType enum<string>
      Possible values: STRING BOOLEAN FLOAT DOUBLE INTEGER DATE
    • FactValue string
  • TransactionAmountUSD integer <int64>

    Transaction amount in USD for MFA rules that trigger based on transaction amount

  • DeviceTokenFSO string

    Value of the Flash Shared Object

  • HttpAccept string

    HTTP accept header value

  • DeviceTokenCookie string

    Contains the cookie value

  • UserAgent string

    User agent string

  • HttpAcceptEncoding string

    HTTP accept encoding

  • HttpAcceptLanguage string

    HTTP accept language

  • PortfolioId string

    Portfolio Id

  • RequestFrom enum<string>

    Where the request is sent(WCA, WCP or WCM)

    Possible values: WCA WCP WCM
  • TpaId string

    A unique identifier used to identify your admin instance. This value was system generated with the admin instance was created.

  • EventType enum<string>
    Possible values: SESSION_SIGNIN FAILED_LOGIN_ATTEMPT ENROLL UPDATE_USER CREATE_USER OLB_ENROLL FAILED_OLB_ENROLL_ATTEMPT ACTIVATE_CARD OPEN_NEW_ACCOUNT REQUEST_CREDIT ADD_PAYEE EDIT_PAYEE PAYMENT DEPOSIT STOCK_TRADE OPTIONS_TRADE CHANGE_LOGIN_ID CHANGE_EMAIL CHANGE_PHONE CHANGE_ADDRESS CHANGE_PASSWORD CHANGE_LIFE_QUESTIONS FAILED_CHANGE_PASSWORD_ATTEMPT CHANGE_ALERT_SETTINGS CHANGE_STATEMENT_SETTINGS CHANGE_AUTH_DATA SEND_SECURE_MESSAGE READ_SECURE_MESSAGE VIEW_CHECK VIEW_STATEMENT REQUEST_CHECK_COPY REQUEST_STATEMENT_COPY REQUEST_CHECKS REQUEST_NEW_CARD REQUEST_NEW_PIN EXTRA_AUTH USER_DETAILS CLIENT_DEFINED WITHDRAW CARD_PIN_CHANGE
  • IpAddress string

    The IP address from the user's device

  • HardwareId string

    Hardware Id(Mobile field)

  • SimId string

    Sim Id(Mobile field)

  • OtherId string

    Other Id(Mobile field)

  • CallerId string

    Identifier used to authenticate the caller initialing the message

  • CustomEvent string

    Any custom defined event not included in the pre-defined RSA EventType enum. If the custom event type is stand-alone, the EventType must also be specified as CLIENT_DEFINED

  • DevicePrint string

    Encapsulates all parameters obtained by device fingerprint gathering code

  • CustomFacts array <object>

    Custom facts

    • FactName string
    • FactDataType enum<string>
      Possible values: STRING BOOLEAN FLOAT DOUBLE INTEGER DATE
    • FactValue string
  • TransactionAmountUSD integer <int64>

    Transaction amount in USD for MFA rules that trigger based on transaction amount

  • DeviceTokenFSO string

    Value of the Flash Shared Object

  • HttpAccept string

    HTTP accept header value

  • DeviceTokenCookie string

    Contains the cookie value

  • UserAgent string

    User agent string

  • HttpAcceptEncoding string

    HTTP accept encoding

  • HttpAcceptLanguage string

    HTTP accept language

  • PortfolioId string

    Portfolio Id

  • RequestFrom enum<string>

    Where the request is sent(WCA, WCP or WCM)

    Possible values: WCA WCP WCM
  • TpaId string

    A unique identifier used to identify your admin instance. This value was system generated with the admin instance was created.

Response

Response body

Response body page anchor
  • IsRSAEnabled boolean

    RSA is enabled or disabled

  • IsRSAUser boolean

    User is or isn't a RSA user

  • UserExist boolean

    User does or doesn't exist in WCA

  • ActionCode string

    Indicate the action recommended by a triggered rule.

  • ActionNames array <string>

    Name of the action taken when the rule was triggerd

  • UserTypeCde enum<string>

    User Type

    Possible values: None MBI Tpa Employer Cardholder MBISystem DataPartner SSO PartnerUser InnovationPartner
  • IsForcePasswordChange boolean

    True or False based on if password changed for a participant user by any other user and not the participant user himself.

  • DeviceTokenCookie string

    A unique identifier representing the device token should be stored in the client's browser cookies and included as the DeviceTokenCookie parameter in the subsequent Analyze request.

  • IsRSAEnabled boolean

    RSA is enabled or disabled

  • IsRSAUser boolean

    User is or isn't a RSA user

  • UserExist boolean

    User does or doesn't exist in WCA

  • ActionCode string

    Indicate the action recommended by a triggered rule.

  • ActionNames array <string>

    Name of the action taken when the rule was triggerd

  • UserTypeCde enum<string>

    User Type

    Possible values: None MBI Tpa Employer Cardholder MBISystem DataPartner SSO PartnerUser InnovationPartner
  • IsForcePasswordChange boolean

    True or False based on if password changed for a participant user by any other user and not the participant user himself.

  • DeviceTokenCookie string

    A unique identifier representing the device token should be stored in the client's browser cookies and included as the DeviceTokenCookie parameter in the subsequent Analyze request.

Response Headers 
No response yet.
Response Body 
No response yet.

Copyright © 2026 Alegeus Technologies, LLC. All rights reserved. Alegeus, Alegeus Technologies, WealthCare, WealthCare Saver are registered trademarks of Alegeus Technologies, LLC

AI Assistant Preview

Generating response...