Skip to main content

Initiate Challenge

API schema

 This method lets you initiate an SMS or email OTP challenge for a given phone number or email address. 
const request = {
  verificationMethod: "SMS",
  action: "signInWithSms",
  phoneNumber: "+64270000000",
};

const response = await authsignal.challenge(request);

const challengeId = response.challengeId;

Verify Challenge

API schema

 This method lets you verify an SMS or email OTP challenge by determining if the OTP code submitted by the user is valid. 
const request = {
  challengeId: "3a991a14-690c-492b-a5e5-02b9056a4b7d",
  verificationCode: "123456",
};

const response = await authsignal.verify(request);

const isVerified = response.isVerified;

Claim Challenge

API schema

 This method lets you claim a challenge on behalf of a user by associating it with an ID for the corresponding user record in your system. 
const request = {
  challengeId: "3a991a14-690c-492b-a5e5-02b9056a4b7d",
  userId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
};

const response = await authsignal.claimChallenge(request);

Get Challenge

API schema

 This method can be used to retrieve information about a currently active challenge. 
const request = {
  challengeId: "3a991a14-690c-492b-a5e5-02b9056a4b7d",
};

const response = await authsignal.getChallenge(request);

Validate Challenge

API schema

 This method lets you validate server-side whether a user has successfully completed an authentication challenge via the Authsignal pre-built UI or an Authsignal Client SDK. After obtaining a short-lived token from the pre-built UI or a Client SDK, pass this token to your server to determine the result. 
const request = {
  action: "signIn",
  token: "eyJhbGciOiJ...",
};

const response = await authsignal.validateChallenge(request);

if (response.state === "CHALLENGE_SUCCEEDED") {
  // The user completed the challenge successfully
  // Proceed with authenticated action
} else {
  // The user did not complete the challenge successfully
}