# Step-up status

Notification that a step-up has been completed or declined.

Endpoint: POST stepupWatch
Version: v1
Security: 

## Header parameters:

  - `call-ref` (string)
    A call reference generated by the caller and unique to the caller
to provide correlation between the caller and system with a maximum length
of 255

  - `published-timestamp` (integer, required)
    The timestamp, expressed in Epoch timestamp using millisecond precision, when this event was published.

  - `signature` (string, required)
    The signature to verify the authenticity of this request.  This is the base64 hash (HmacSHA256) of the published-timestamp using your API key.

  - `signature-v2` (string, required)
    The signature to verify the authenticity of this request.  This is the base64 hash (HmacSHA256) of the call-ref header, the request body, and the published-timestamp header, all concatenated without spaces, and signed using your API key.

## Request fields (application/json):

  - `type` (string)
    Enum: "stepupWatch"

  - `payload` (object)

  - `payload.credential` (object, required)

  - `payload.credential.type` (string, required)
    The type of user.
    Enum: "ROOT", "USER"

  - `payload.credential.id` (string, required)
    The identifier of the user.

  - `payload.buyerId` (string)
    The buyer id whose beneficiary has triggered this event.

  - `payload.challengeId` (string, required)

  - `payload.status` (string, required)
    Enum: "VERIFIED", "DECLINED", "EXPIRED"

  - `payload.publishedTimestamp` (string, required)
    Epoch timestamp using millisecond precision.

  - `payload.authToken` (string)


## Response 200 fields