Validate an App Registration Email Validation
Endpointβ
PUT https://api.verifik.co/v2/email-validations/{id}
This endpoint validates a one-time password (OTP) sent to a user's email address during the onboarding (app registration) process. It ensures the user-provided OTP is correct and updates the verification status accordingly. This route is specifically designed for users who are in the middle of an app registration flow.
warning
The JWT Token you should use when validating Onboarding Email Validations is provided from the App Registration in creation. You must use the token returned when creating an App Registration to authenticate this request.
Headersβ
| Name | Value |
|---|---|
| Content-Type | application/json |
| Authorization | Bearer <token> |
Paramsβ
| Name | Type | Required | Description |
|---|---|---|---|
id | string | Yes | The unique identifier of the Email Validation you want to validate. This is the _id returned when creating the email validation |
email | string | Yes | The email address that was used to create the email validation. Spaces will be automatically removed and converted to lowercase |
otp | number | Yes | The one-time password (OTP) that was sent to the user's email address |
Requestβ
- Node.js
- PHP
- Python
- Go
const fetch = require("node-fetch");
async function run() {
const emailValidationId = "674de8df21c72be3cc42b8a7";
const res = await fetch(`https://api.verifik.co/v2/email-validations/${emailValidationId}`, {
method: "PUT",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${process.env.VERIFIK_TOKEN}`,
},
body: JSON.stringify({
email: "user@example.com",
otp: 123456
}),
});
console.log(await res.json());
}
run();
<?php
$emailValidationId = "674de8df21c72be3cc42b8a7";
$ch = curl_init("https://api.verifik.co/v2/email-validations/" . $emailValidationId);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
"Content-Type: application/json",
"Authorization: Bearer " . getenv("VERIFIK_TOKEN")
]);
$body = json_encode([
"email" => "user@example.com",
"otp" => 123456
]);
curl_setopt($ch, CURLOPT_PUT, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch);
echo $response;
import os, requests
email_validation_id = "674de8df21c72be3cc42b8a7"
url = f"https://api.verifik.co/v2/email-validations/{email_validation_id}"
headers = {
"Content-Type": "application/json",
"Authorization": f"Bearer {os.getenv('VERIFIK_TOKEN')}"
}
payload = {
"email": "user@example.com",
"otp": 123456
}
r = requests.put(url, json=payload, headers=headers)
print(r.json())
package main
import (
"bytes"
"encoding/json"
"fmt"
"net/http"
"os"
)
func main() {
emailValidationId := "674de8df21c72be3cc42b8a7"
url := fmt.Sprintf("https://api.verifik.co/v2/email-validations/%s", emailValidationId)
payload := map[string]interface{}{
"email": "user@example.com",
"otp": 123456,
}
b, _ := json.Marshal(payload)
req, _ := http.NewRequest("PUT", url, bytes.NewBuffer(b))
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", "Bearer "+os.Getenv("VERIFIK_TOKEN"))
resp, _ := http.DefaultClient.Do(req)
defer resp.Body.Close()
var out map[string]interface{}
json.NewDecoder(resp.Body).Decode(&out)
fmt.Println(out)
}
Responseβ
- 200
- 403
- 404
- 409
- 412
{
"data": {
"_id": "674de8df21c72be3cc42b8a7",
"status": "validated",
"email": "user@example.com",
"type": "onboarding",
"showFaceLivenessRecommendation": false
}
}
{
"code": "otp_does_not_match",
"message": "403:otp_does_not_match"
}
{
"code": "email_validation_not_found",
"message": "404:email_validation_not_found"
}
{
"code": "MissingParameter",
"message": "missing_email_and_otp"
}
{
"code": "emailValidation_has_expired",
"message": "412:emailValidation_has_expired"
}
Notesβ
- Onboarding Flow: This endpoint is specifically designed for users in the app registration process, where email validation is part of the onboarding journey.
- OTP Expiration: OTPs have a limited lifespan (typically 10 minutes) and will expire after the predefined time. Expired OTPs cannot be validated.
- Status Updates: Successful validation automatically updates the email validation status to "validated" and may trigger additional onboarding steps.
- Webhook Events: Validation events trigger webhook notifications for tracking and integration purposes.
- App Registration Linking: When validated through this endpoint, the email validation is automatically linked to the user's app registration record.
- Email Formatting: Email addresses are automatically converted to lowercase and have spaces removed during processing.
- Demo Mode: If the project is in demo mode, special demo OTPs may be accepted for testing purposes.