Enroll Start enrollment for a new email OTP authenticator by sending the user an email containing an OTP code.
This method is typically used when you’ve not yet verified the user’s email address.
const response = await authsignal . email . enroll ({ email: "jane.smith@authsignal.com" }); If you’ve already verified a user’s email address independently of Authsignal, you can
alternatively use a Server SDK to [enroll the user
programmatically]/advanced-usage/programmatic-authenticator-management).
Parameters The user’s email address.
Response response
AuthsignalResponse<EnrollResponse>
An unstructured error description present if the SDK call encountered an error.
The ID of the Authsignal user.
The ID of the Authsignal user authenticator.
Challenge Start re-authentication for an existing email OTP authenticator by sending the user an email containing an OTP code.
This method is typically used when you’ve already verified the user’s email address.
const response = await authsignal . email . challenge (); Response response
AuthsignalResponse<ChallengeResponse>
An unstructured error description present if the SDK call encountered an error.
The ID of the Authsignal challenge.
Verify Finish enrolling or re-authenticating a new or existing email OTP authenticator by verifying the code submitted by the user.
const response = await authsignal . email . verify ({ code: "123456" }); Parameters The OTP code inputted by the user.
Response response
AuthsignalResponse<VerifyResponse>
An unstructured error description present if the SDK call encountered an error.
True if the verification was successful.
Only present on first time verification e.g. enrollment. The ID of the Authsignal user authenticator.
verificationMethod
'SMS' | 'AUTHENTICATOR_APP' | 'EMAIL_MAGIC_LINK' | 'EMAIL_OTP' | 'PASSKEY' | 'PUSH' | 'SECURITY_KEY' | 'VERIFF' | 'IPROOV' | 'IDVERSE' | 'PALM_BIOMETRICS_BR'
required
The date and time the authenticator was created in ISO 8601 format.
The date and time the authenticator was first verified in ISO 8601 format.
The date and time the authenticator was last verified in ISO 8601 format.
Whether the authenticator is the default authenticator for the user.
The email address of the authenticator. Only present for email authenticators e.g. email OTP and email magic link.
The phone number of the authenticator. Only present for phone authenticators e.g. SMS/WhatsApp OTP.
The previous SMS channel used to send the OTP code. Only present for phone authenticators e.g. SMS/WhatsApp OTP.
Only present for passkey authenticators. The ID of the passkey credential.
The device ID of the passkey credential.
The name of the passkey credential.
The AAGUID of the passkey credential.
Whether the passkey credential is backed up.
credentialDeviceType
'singleDevice' | 'multiDevice'
The device type of the passkey credential.
The parsed user agent of the passkey credential. The user agent of the passkey credential.
The browser of the passkey credential. The version of the browser.
The major version of the browser.
The device of the passkey credential. The vendor of the device.
The engine of the passkey credential. The version of the engine.
The OS of the passkey credential. The CPU of the passkey credential. The architecture of the CPU.
The date and time the passkey credential was verified in ISO 8601 format.
authenticatorAttachment
'platform' | 'cross-platform'
The authenticator attachment of the passkey credential.
The AAGUID mapping of the passkey credential. The name of the AAGUID mapping.
The SVG icon of the AAGUID mapping in light mode.
The SVG icon of the AAGUID mapping in dark mode.
A structured code present if the verification failed due to user error. Possible values are:
CODE_INVALID_OR_EXPIRED or MAX_ATTEMPTS_EXCEEDED.
