wbhk
v1OneTimePasscode
The issuer may opt to send one-time passcodes itself rather than have the ACS send them. If this is the case then a webhook will be configured to receive the code to send to the cardholder.
The issuer may be configured to generate and verify the passcode itself or allow the ACS to do it. If the issuer is verifying the passcode then another webhook call will be made to verify the passcode once it is submitted by the cardholder.
API Backwards Compatibility: Apata may introduce non-breaking changes to API requests and responses, including the addition of new fields. To ensure continued compatibility, please design API validation logic to tolerate and gracefully handle any extra fields that may be included in the payload.