IBM Security Verify external MFA integration API contract

IBM® Security Verify expects to consume the API contract as a client of the external MFA provider. Enforcement of the contract can be done by using the "resources" and "transformations" features of the webhooks. If these features cannot be used, then a separately developed and hosted mediator service might be needed.