Email Access Example
Overviewβ
This tutorial demonstrates how to implement email-based authentication for app login flows using Verifik's email validation system.
Prerequisitesβ
Before starting, ensure you have:
- A Project with login configuration
- A ProjectFlow with
type = "login" - Email validation enabled in your project flow
Configuration Setupβ
If you haven't created a project and a projectFlow with the property type = "login", follow these guides:
Implementation Flowβ
The email access flow consists of two main steps:
- Create Email Validation - Generate an OTP and send it to the user's email
- Validate Email Validation - Verify the OTP entered by the user
Step 1: Create Email Validationβ
First, create an email validation to send an OTP to the user's email address.
Endpoint:
POST https://api.verifik.co/v2/email-validations
Request Example:
- JavaScript
- Python
- PHP
- Swift
import axios from 'axios';
const options = {
method: 'POST',
url: 'https://api.verifik.co/v2/email-validations',
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer <your_token>'
},
data: {
project: 'your_project_id',
projectFlow: 'your_project_flow_id',
email: 'user@example.com',
type: 'login',
redirectUrl: 'https://yourapp.com/success'
}
};
try {
const { data } = await axios.request(options);
console.log('Email validation created:', data);
} catch (error) {
console.error('Error creating email validation:', error);
}
import http.client
import json
conn = http.client.HTTPSConnection("api.verifik.co")
payload = json.dumps({
"project": "your_project_id",
"projectFlow": "your_project_flow_id",
"email": "user@example.com",
"type": "login",
"redirectUrl": "https://yourapp.com/success"
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer <your_token>'
}
conn.request("POST", "/v2/email-validations", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
<?php
$client = new \GuzzleHttp\Client();
$response = $client->request('POST', 'https://api.verifik.co/v2/email-validations', [
'headers' => [
'Content-Type' => 'application/json',
'Authorization' => 'Bearer <your_token>',
],
'json' => [
'project' => 'your_project_id',
'projectFlow' => 'your_project_flow_id',
'email' => 'user@example.com',
'type' => 'login',
'redirectUrl' => 'https://yourapp.com/success'
]
]);
echo $response->getBody();
import Foundation
let headers = [
"Content-Type": "application/json",
"Authorization": "Bearer <your_token>"
]
let parameters = [
"project": "your_project_id",
"projectFlow": "your_project_flow_id",
"email": "user@example.com",
"type": "login",
"redirectUrl": "https://yourapp.com/success"
] as [String : Any]
let postData = try JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api.verifik.co/v2/email-validations")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error as Any)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()
Response:
{
"data": {
"_id": "email_validation_id",
"email": "user@example.com",
"status": "pending",
"otp": "123456",
"expiresAt": "2024-01-15T11:30:00Z",
"createdAt": "2024-01-15T10:30:00Z"
}
}
Step 2: Validate Email Validationβ
After the user receives the OTP via email, validate it to complete the login process.
Endpoint:
POST https://api.verifik.co/v2/email-validations/validate
Request Example:
- JavaScript
- Python
- PHP
- Swift
import axios from 'axios';
const options = {
method: 'POST',
url: 'https://api.verifik.co/v2/email-validations/validate',
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer <your_token>'
},
data: {
emailValidationId: 'email_validation_id',
otp: '123456'
}
};
try {
const { data } = await axios.request(options);
console.log('Email validation successful:', data);
} catch (error) {
console.error('Error validating email:', error);
}
import http.client
import json
conn = http.client.HTTPSConnection("api.verifik.co")
payload = json.dumps({
"emailValidationId": "email_validation_id",
"otp": "123456"
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer <your_token>'
}
conn.request("POST", "/v2/email-validations/validate", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
<?php
$client = new \GuzzleHttp\Client();
$response = $client->request('POST', 'https://api.verifik.co/v2/email-validations/validate', [
'headers' => [
'Content-Type' => 'application/json',
'Authorization' => 'Bearer <your_token>',
],
'json' => [
'emailValidationId' => 'email_validation_id',
'otp' => '123456'
]
]);
echo $response->getBody();
import Foundation
let headers = [
"Content-Type": "application/json",
"Authorization": "Bearer <your_token>"
]
let parameters = [
"emailValidationId": "email_validation_id",
"otp": "123456"
] as [String : Any]
let postData = try JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api.verifik.co/v2/email-validations/validate")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error as Any)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()
Response:
{
"success": true,
"data": {
"status": "validated",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"appLogin": {
"_id": "app_login_id",
"type": "email",
"status": "completed",
"emailValidation": "email_validation_id"
}
}
}
Step 3: Retrieve App Login Objectβ
After successful email validation, use the token to retrieve the complete AppLogin object with all its details.
Endpoint:
GET https://api.verifik.co/v2/app-logins/{appLoginId}
Request Example:
- JavaScript
- Python
- PHP
- Swift
import axios from 'axios';
const options = {
method: 'GET',
url: 'https://api.verifik.co/v2/app-logins/app_login_id',
params: {
'populates[]': ['emailValidation']
},
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer <your_token>'
}
};
try {
const { data } = await axios.request(options);
console.log('App Login retrieved:', data);
} catch (error) {
console.error('Error retrieving app login:', error);
}
import http.client
conn = http.client.HTTPSConnection("api.verifik.co")
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer <your_token>'
}
conn.request("GET", "/v2/app-logins/app_login_id?populates[]=emailValidation", headers=headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
<?php
$client = new \GuzzleHttp\Client();
$response = $client->request('GET', 'https://api.verifik.co/v2/app-logins/app_login_id?populates[]=emailValidation', [
'headers' => [
'Content-Type' => 'application/json',
'Authorization' => 'Bearer <your_token>',
],
]);
echo $response->getBody();
import Foundation
let headers = [
"Content-Type": "application/json",
"Authorization": "Bearer <your_token>"
]
let request = NSMutableURLRequest(url: NSURL(string: "https://api.verifik.co/v2/app-logins/app_login_id?populates[]=emailValidation")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "GET"
request.allHTTPHeaderFields = headers
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error as Any)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()
Response:
{
"data": {
"_id": "app_login_id",
"client": "client_id",
"name": "User Login Session",
"status": "completed",
"project": "project_id",
"projectFlow": "project_flow_id",
"type": "email",
"emailValidation": {
"_id": "email_validation_id",
"email": "user@example.com",
"status": "validated",
"validationMethod": "verificationCode",
"otp": "$2a$10$encrypted_otp",
"expiresAt": "2024-01-15T11:30:00Z",
"createdAt": "2024-01-15T10:30:00Z",
"updatedAt": "2024-01-15T10:32:00Z"
},
"phoneValidation": null,
"biometricValidation": null,
"face": null,
"accessControlLog": "access_control_log_id",
"updatedAt": "2024-01-15T10:32:00Z",
"createdAt": "2024-01-15T10:30:00Z",
"__v": 0
}
}
Complete Flow Summaryβ
- User initiates login with their email address
- System creates email validation and sends OTP to user's email
- User receives OTP via email
- User enters OTP in your application
- System validates OTP and creates AppLogin record
- System retrieves AppLogin object with complete validation details
- User gains access with authentication token and complete login data
Related Documentationβ
Video Tutorialβ
Featuresβ
- Email-based Authentication: Secure login using email OTP verification
- Automatic AppLogin Creation: AppLogin records are created automatically upon successful validation
- Time-limited OTP: OTP codes expire for security
- Multiple Programming Languages: Support for JavaScript, Python, PHP, and Swift
- Complete Integration: End-to-end tutorial for email authentication flows
- Token-based Access: Secure authentication tokens for application access