Validate MFA OTP

Validates the OTP generated for the MFA flow.


Use this API to validate the OTP in the MFA flow. The /mfa/otp/generate API generates the OTP.

Prerequisites

  • Access group resource: Write access to customer group resource. For more information on access control, see the access group documentation.

  • Authentication: Basic or OAuth authentication details. For more information on authentication, see the Authentication documentation.

Example request

curl --location 'https://eu.api.capillarytech.com/auth/v1/mfa/otp/validate' \
--header 'Content-Type: application/json' \
--data '{
    "identifierType": "MOBILE",
    "identifierValue": "18767431754",
    "deviceId": "1234",
    "brand": "Bukl",
    "sessionId": "P-b04c1001-ef08-4125-9886-f9d8b4c5d9b8",
    "otp": 999999
}'

Resource information

| Field | Value |
|---|---|
| URI | auth/v1/mfa/otp/validate |
| HTTP method | POST |
| Pagination supported? | NA |
| Rate limit | NA |
| Batch support | NA |

Request body parameters


Parameters marked with * are mandatory.

| Parameter | Data Type | Description |
|---|---|---|
| identifierType* | Enum | Customer identifier used for MFA token generation. Values: MOBILE, EMAIL, USERNAME, EXTERNALID. If you want to use external ID, external ID login must be enabled in the organisation settings. |
| identifierValue* | String | Value of the identifier. |
| deviceId* | String | Unique ID of the device where OTP is validated. |
| brand* | String | Name of the brand or organisation that needs verification. |
| sessionId* | String | Unique session ID created from /mfa/token/generate API. |
| otp* | String | OTP that needs validation. |

Response parameters

| Parameter | Data Type | Description |
|---|---|---|
| status | object | Object containing status information. |
| • success | boolean | Boolean indicating the status of the request. |
| • code | integer | HTTP status code indicating the result. Example: 200 indicates success. |
| • message | string | Message describing the status of the request. |
| auth | object | Object containing authentication details. |
| • token | string | String representing the authentication token. By default, the token is valid for 15 minutes. |
| • key | string | String representing the authentication key. |
| user | object | Object containing user details. |
| • appRegistered | boolean | Indicates if the user is registered in the app. |
| • sessionId | string | Current session ID for MFA flow. The session ID is valid for 15 minutes by default. |
| • role | string | Indicates the user's role. Example: VIEW, USER. |
| • userRegisteredForPassword | boolean | Indicates if the user is registered for a password. |

{
    "status": {
        "success": true,
        "code": 200,
        "message": "SUCCESS"
    },
    "auth": {
        "token": "eyJpZHYiOlsiTU9CSUxFfDE4NzY3NDMxNzU0Il0sImRldiI6IjEyMzQiLCJvcmciOiJCVUtMIiwiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOiIxNzgwNzc2IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsImlzYyI6ImZhbHNlIiwib2djIjpbIjEwMDQ1OHxidWtsLmluZC5zb2x1dGlvbiJdLCJleHAiOjE3MTY5NjM0NTcsImlhdCI6MTcxNjk2MjU1Nywicm9sIjoiVVNFUiJ9.RNOnu2qd9b4CrH6ODsIc1OdeOg4EwFh7ssv0zlAG5pE",
        "key": "eyJpZHYiOlsiTU9CSUxFfDE4NzY3NDMxNzU0Il0sImRldiI6IjEyMzQiLCJvcmciOiJCVUtMIiwiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOiIxNzgwNzc2IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsIm1mYSI6dHJ1ZSwiaWF0IjoxNzE2OTYyNTU3LCJyb2wiOiJBVVRIIn0.89CmFeLl_zfUBuv2Ea4eQIc3Wy8fJzlcRQad8UcqK-4"
    },
    "user": {
        "appRegistered": false,
        "sessionId": null,
        "role": "USER",
        "userRegisteredForPassword": false
    }
}
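
The following is an added example, not part of the original documentation: it decodes the sample `auth.token` above to show that its `exp` and `iat` claims are 900 seconds apart, matching the documented 15-minute validity, so a client can schedule re-authentication. The claim names (`exp`, `iat`, `rol`, `alg`, `dev`) are read from that sample token, not from a documented schema, and the helper function names are hypothetical.

```python
import base64
import json

# Token copied from the sample response on this page (long expired).
SAMPLE_TOKEN = (
    "eyJpZHYiOlsiTU9CSUxFfDE4NzY3NDMxNzU0Il0sImRldiI6IjEyMzQiLCJvcmciOiJCVUtMIiwiYWxnIjoiSFMyNTYifQ"
    ".eyJ1aWQiOiIxNzgwNzc2IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsImlzYyI6ImZhbHNlIiwib2djIjpbIjEwMDQ1OHxidWtsLmluZC5zb2x1dGlvbiJdLCJleHAiOjE3MTY5NjM0NTcsImlhdCI6MTcxNjk2MjU1Nywicm9sIjoiVVNFUiJ9"
    ".RNOnu2qd9b4CrH6ODsIc1OdeOg4EwFh7ssv0zlAG5pE"
)


def b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def unverified_claims(token):
    """Return (header, payload) WITHOUT checking the signature.

    Assumption: the HS256 signing key stays on the server, so a client cannot
    verify the token. Use these values for scheduling only, never for authorization.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    return b64url_json(parts[0]), b64url_json(parts[1])


def token_lifetime_seconds(token):
    """Lifetime from the exp and iat claims, or None if either is absent."""
    _, payload = unverified_claims(token)
    if "exp" not in payload or "iat" not in payload:
        return None
    return payload["exp"] - payload["iat"]


def seconds_until_expiry(token, now):
    """Seconds left at Unix time `now` (None without exp); <= 0 means redo the MFA flow."""
    _, payload = unverified_claims(token)
    exp = payload.get("exp")
    return None if exp is None else exp - now


if __name__ == "__main__":
    header, payload = unverified_claims(SAMPLE_TOKEN)
    print(header["alg"], payload["rol"], token_lifetime_seconds(SAMPLE_TOKEN))
```

Because anyone holding the token can read these claims, treat `auth.token` and `auth.key` as secrets and keep them out of logs and URLs.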

Error codes


| Code | Description |
|---|---|
| 3005 | External ID login must be enabled. |
