> ## Documentation Index > Fetch the complete documentation index at: https://developers.bonifiq.com.br/llms.txt > Use this file to discover all available pages before exploring further. # After sending the challenge request the app must ask the user for the PIN Code. > The PIN Code could be received by the customer in SMS or e-mail. ## OpenAPI ````yaml https://api.bonifiq.com.br/swagger/Private%20APIs/swagger.json post /v1/pvt/POS/customers/{id}/challengevalidate openapi: 3.0.0 info: title: BonifiQ Private APIs description: >- # Introduction This is the BonifiQ Private APIs documentation. With these endpoints you can interact with BonifiQ systems and enhance your program points. # Limitations These endpoints are intended to be used in backend communication so they are not CORS-compatible and cannot be used by in-browser frontend libraries (such as React, Angular, Vue, jQuery, etc) If are required to call BonifiQ API from a browser, please refer to our [Public APIs](https://api.bonifiq.com.br/apidocs/public) # Authentication These Private APis use the [Basic Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) scheme. You need both an API Token (Username) and API Key (Password) to use with it You can generate this key pair in BonifiQ admin panel, at the "API Keys" menu. # How to use this page ## Making calls You can simulate, test and make calls to API from this Swagger page. To do that: - Click on the **Authorize** button - Inform the Username (API Token) and Passwoird (API Key) and click on **Authorize** - From the list bellow, choose an API call and click on **Try it out** - Inform the required parameters (if any) and click on **Execute** ## Verifying requests and responses bodies In every API Call there is an explanation of what each field means, theirs types and accepted values for all Requests and Responses. To view this information, just go to any API Call bellow and in the Responses section, click on the Schema. version: 1.0.0 servers: - url: https://api.bonifiq.com.br security: [] tags: - name: POS description: >- Flow methods to integrate BonifiQ with a POS system. Check the Flow Documentation link on the right externalDocs: description: Flow Documentation url: >- https://suporte.bonifiq.com.br/support/solutions/articles/159000319538-integrar-com-pdv - name: Checkout description: Operations related to checkout cashback redeem, refresh and removal - name: Customization description: Retrieve customizations for the loyalty program - name: Rewards description: Interact with rewards already redeemed paths: /v1/pvt/POS/customers/{id}/challengevalidate: post: tags: - POS summary: >- After sending the challenge request the app must ask the user for the PIN Code. description: The PIN Code could be received by the customer in SMS or e-mail. operationId: POS_ChallengeValidate parameters: - name: id in: path required: true schema: type: string x-position: 1 requestBody: x-name: request content: application/json: schema: $ref: '#/components/schemas/CustomerChallengeValidateRequest' required: true x-position: 2 responses: '200': description: '' content: application/json: schema: $ref: '#/components/schemas/CustomerChallengeValidateResponse' security: - Basic Authentication: [] components: schemas: CustomerChallengeValidateRequest: type: object additionalProperties: false properties: TransactionId: type: string description: Same ID used in the Challenge call nullable: true Code: type: string description: The PIN Code informed by the customer CustomerChallengeValidateResponse: type: object additionalProperties: false properties: TransactionId: type: string description: Same Transaction ID as informed in the request nullable: true Success: type: boolean description: >- If true, the challenge was successful and the purchase flow can continue FriendlyErrorMessage: type: string description: >- If Success=false this field will show information regarding the problem nullable: true securitySchemes: Basic Authentication: type: http description: Use API Basic Auth Keys name: Basic Authentication in: header scheme: basic ````