@transferwise/approve-api-action-helpers/demo/server.js

An http client that handles SCA protected requests gracefully

const express = require('express');

const app = express();

app.use(express.static('src'));

app.use(express.static('../dist'));

app.get('/api/authorised-endpoint', (req, res) => {
  // This is where you would call Wise API.
  //
  // If SCA is required, the API will return 403 and x-2fa-approval header.
  // You need to pass those back to your frontend (respond with 403 and x-2fa-approval header).
  //
  // Our frontend library now understands that SCA is required and asks the customer to
  // pass challenges (such as password).
  //
  // When challenges are completed, call to this endpoint is made again, but this time
  // the request will contain x-2fa-approval header.
  // You just need to pass it on to Wise API and this time the call will succeed.
  res.set('x-2fa-approval', 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx');
  res.status(403).send('');
});

app.listen(3000, () => console.log('development api running on 3000'));