An incorrect OTP code is supplied after a successful password/check with a otp/check REST call.
HTTP Request - /public/authentication/otp/check/
POST https://iam-host.com/auth/rest/public/authentication/otp/check { "otp": "123456" }
The response is a HTTP 400 BAD REQUEST response and the code returns "OTP_WRONG" to inidicate the reason for the failure.
Since this call returned an error, a "temporaryLockExpiry" is returned as well.
HTTP Response - /public/authentication/otp/check/
400 BAD REQUEST { "meta": { "type": "jsonapi.metadata.document", "timestamp": "2018-12-04T10:11:39.420Z", "temporaryLockExpiry": "2018-12-04T10:11:42.394Z" }, "errors": [ { "id": "9420:5816", "status": 400, "code": "OTP_WRONG" } ] }