post
https://{host}/auth/v1/mfa/otp/validate
Recent Requests
Log in to see full request history
| Time | Status | User Agent | |
|---|---|---|---|
Retrieving recent requests… | |||
Loading…
Use this API to validate the OTP in the MFA flow. The /mfa/otp/generate API generates the OTP.
Prerequisites
-
Access group resource: Write access to customer group resource. For more information on access control, see the access group documentation.
-
Authentication: Basic or OAuth authentication details. For more information on authentication, see the Authentication documentation.
Example request
curl --location 'https://eu.api.capillarytech.com/auth/v1/mfa/otp/validate' \
--header 'Content-Type: application/json' \
--data '{
"identifierType":"MOBILE",
"identifierValue":"18767431754",
"deviceId": "1234",
"brand": "Bukl",
"sessionId": "P-b04c1001-ef08-4125-9886-f9d8b4c5d9b8",
"otp": 999999
}'Resource information
| URI | auth/v1/mfa/otp/validate |
| HTTP method | POST |
| Pagination supported? | NA |
| Rate limit | NA |
| Batch support | NA |
Request body parameters
| Parameter (Parameters marked with * are mandatory) | Data Type | Description |
|---|---|---|
identifierType* | Enum | Customer identifier used for MFA token generation. Values: MOBILE, EMAIL, USERNAME, EXTERNALID. If you want to use external ID, external ID login must be enabled in the organisation settings. |
identifierValue* | String | Value of the identifier. |
deviceId* | String | Unique ID of the device where OTP is validated. |
brand* | String | Name of the brand or organisation that needs verification. |
sessionId* | String | Unique session ID created from /mfa/token/generate API. |
otp* | String | OTP that needs validation. |
Response parameters
| Parameter | Data Type | Description |
|---|---|---|
| status | object | Object containing status information. |
| boolean | Boolean indicating the status of the request. |
| integer | HTTP status code indicating the result. Example: 200 indicates success. |
| string | Message describing the status of the request. |
| auth | object | Object containing authentication details. |
| string | String representing the authentication token. By default, the token is valid for 15 minutes. |
| string | String representing the authentication key. |
| user | object | Object containing user details. |
| boolean | Indicates if the user is registered in the app. |
| string | Current session ID for MFA flow. The session ID is valid for 15 minutes by default. |
| string | Indicates the user's role. Example: VIEW, USER. |
| boolean | Indicates if the user is registered for a password. |
{
"status": {
"success": true,
"code": 200,
"message": "SUCCESS"
},
"auth": {
"token": "eyJpZHYiOlsiTU9CSUxFfDE4NzY3NDMxNzU0Il0sImRldiI6IjEyMzQiLCJvcmciOiJCVUtMIiwiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOiIxNzgwNzc2IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsImlzYyI6ImZhbHNlIiwib2djIjpbIjEwMDQ1OHxidWtsLmluZC5zb2x1dGlvbiJdLCJleHAiOjE3MTY5NjM0NTcsImlhdCI6MTcxNjk2MjU1Nywicm9sIjoiVVNFUiJ9.RNOnu2qd9b4CrH6ODsIc1OdeOg4EwFh7ssv0zlAG5pE",
"key": "eyJpZHYiOlsiTU9CSUxFfDE4NzY3NDMxNzU0Il0sImRldiI6IjEyMzQiLCJvcmciOiJCVUtMIiwiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOiIxNzgwNzc2IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsIm1mYSI6dHJ1ZSwiaWF0IjoxNzE2OTYyNTU3LCJyb2wiOiJBVVRIIn0.89CmFeLl_zfUBuv2Ea4eQIc3Wy8fJzlcRQad8UcqK-4"
},
"user": {
"appRegistered": false,
"sessionId": null,
"role": "USER",
"userRegisteredForPassword": false
}
}Error codes
| Code | Description |
|---|---|
| 3005 | External ID login must be enabled. |