POST
/
sessions
/
validate
Validate session
curl --request POST \
  --url https://api.authsignal.com/v1/sessions/validate \
  --header 'Content-Type: application/json' \
  --data '{
  "accessToken": "eyJhbGciOiJ...",
  "clientIds": [
    "64818035-68c3-4087-a449-bdd176a166c4"
  ]
}'
{
  "user": {},
  "expiresAt": 123,
  "verificationMethod": "SMS"
}

Body

application/json
accessToken
string
required

The access token to be validated.

clientIds
string[]

A list of IDs of the app clients for which the access token is valid. If provided, the access token must be issued for one of these clients.

Response

OK

user
object
required

A JSON object containing user claims.

expiresAt
number
required

The token expiry as a Unix timestamp in seconds.

verificationMethod
enum<string>

The verification method which was used to create the session.

Available options:
SMS,
AUTHENTICATOR_APP,
EMAIL_MAGIC_LINK,
EMAIL_OTP,
PUSH,
DEVICE,
SECURITY_KEY,
PASSKEY,
VERIFF,
IPROOV,
PALM_BIOMETRICS_RR,
IDVERSE