Send Withdraw Confirmation Code
Request SMS 2FA verification code for admin withdrawal approval operations
Send Withdraw Confirmation Code
Request SMS 2FA verification code for secure admin withdrawal approvals
ADMIN Only
Overview
The sendWithdrawConfirmCode mutation enables administrators to request a 2FA SMS verification code required for approving or denying withdrawal requests. This adds an extra layer of security to the withdrawal approval process.
Admin-Only Operation
This mutation is accessible only to users with ADMIN privileges. The phone number is registered as a system property and does not need to be provided.
GraphQL Schema
sendWithdrawConfirmCode: IntParameters
This mutation does not require any input parameters. The admin's phone number is registered as a system property and is automatically used to send the SMS verification code.
Return Value
IntReturns an integer indicating whether the SMS verification code request was successful. A non-zero value typically indicates success.
Example Mutation
mutation {
sendWithdrawConfirmCode
}{
"data": {
"sendWithdrawConfirmCode": 1
}
}Use Cases
Request 2FA code before approving crypto or PayPal withdrawal requests
Secure denial operations with 2FA verification to prevent unauthorized actions
Verify identity before confirming manual bank transfer completion
Ensure all withdrawal approvals meet 2FA security requirements
Implementation Example
// Admin withdrawal approval workflow
async function processWithdrawalApproval(withdrawalId: number) {
try {
// Step 1: Request 2FA SMS code
const codeRequest = await client.request(gql`
mutation {
sendWithdrawConfirmCode
}
`);
if (!codeRequest.sendWithdrawConfirmCode) {
throw new Error('Failed to send verification code');
}
console.log('✅ SMS verification code sent to admin phone');
// Step 2: Admin receives SMS and enters code
const twoFactorCode = await promptForCode(); // UI prompt
// Step 3: Approve withdrawal with 2FA code
const approval = await client.request(gql`
mutation ApproveWithdrawal($id: Int!, $code: String!) {
confirmCryptoWithdraw(
id: $id,
status: 1,
code: $code
)
}
`, {
id: withdrawalId,
code: twoFactorCode
});
console.log('✅ Withdrawal approved successfully');
} catch (error) {
console.error('❌ Withdrawal approval failed:', error);
}
}Security Features
All withdrawal approval operations require valid 2FA SMS verification codes
Admin phone number is pre-registered as system property, preventing unauthorized changes
Verification codes expire after a short period for enhanced security
Only users with ADMIN role can request withdrawal confirmation codes
Best Practices
Request the 2FA code immediately before performing the approval/denial operation to minimize code expiration risk
Ensure admin phone number is correctly registered in system properties before using this mutation
Implement UI feedback to indicate code is being sent and may take a few moments to arrive
Maintain audit logs of all 2FA code requests for security monitoring and compliance
Related Operations
Confirm Crypto Withdrawal
Approve or deny crypto withdrawal requests (requires 2FA code)
Confirm PayPal Withdrawal
Approve or deny PayPal withdrawal requests (requires 2FA code)
Approve Fiat Withdrawal
Approve bank withdrawal after manual transfer (requires 2FA code)
Withdrawal Overview
Complete withdrawal API system documentation