POST
/
verify
/
totp

Body

application/json
verificationCode
string
required

The TOTP code inputted by the user.

Response

200 - application/json
isVerified
boolean
required

True if the inputted TOTP is correct.

accessToken
string

A new short-term token with scopes to manage authenticators (e.g. add secondary authenticators, remove authenticators, view or regenerate recovery codes). Only present if the challenge succeeded.

failureReason
enum<string>
Available options:
CODE_INVALID_OR_EXPIRED,
MAX_ATTEMPTS_EXCEEDED