Validate OTPs

Description

The Validate OTP API lets you make a call using the HTTPS POST method to verify the OTP sent to the users. You must include the Verify ID parameter in the request to know the status.

To Validate an OTP

1. Signup or Login to Kaleyra.io and create your API key

Refer to the Create an API Key page for steps to get your API key and SID (Security Identifier).

2. API Call

Execute the following API command to know the status of the OTP.

curl --location --request POST 'https://api.kaleyra.io/v1/<SID>/verify/validate' \
--header 'Content-Type: <CONTENT_TYPE>' \
--header 'api-key: <API_KEY>' \
--data-raw '{
               "verify_id": "<VERIFY_ID>",
               "otp": "<OTP>"
             }'

Ensure to replace the parameter values with the proper inputs in the above code. The below table has a list of parameters and their information.

ReplaceWithExamplesMandatory?
<SID>Account SID (Security Identifier). Generated by Kaleyra.io while creating an API key.HXXXXXXX071USTrue
<CONTENT_TYPE>Indicates the format of the content the API will be processing.application/jsonTrue
<API_KEY>Your API Key generated by Kaleyra.io.Ac4XXXXX21fTrue
<VERIFY_ID>The Verify ID which was sent in the Generate OTP API response.xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxTrue
<OTP>One Time Password which was sent to the users to validate them.xxxxTrue

3. Response Formats

This section provides you the success and error JSON response formats of different scenarios.

Success Response

{
  "data": {
    "verify_id": "4d3d0959-805e-43fa-bece-5815ce0795a2",
    "message": "OTP verified successfully."
  }
}

Error Responses

OTP Already Verified
You must have already validated the OTP associated with this Verify ID.

{
  "error": {
    "code": "E910",
    "type": "validation_error",
    "parameter": "",
    "message": "OTP already verified",
    "reference": ""
  }
}

Invalid OTP
You must have entered the invalid OTP in the request. Include the appropriate OTP and re-execute the command.

{
  "error": {
    "code": "E912",
    "type": "validation_error",
    "parameter": "OTP",
    "message": "Invalid Request/OTP",
    "reference": ""
  }
}

Invalid Configuration ID
You must have included the invalid Configuration ID. Re-execute the command with the valid Configuration ID.

{
  "error": {
    "code": "E909",
    "type": "validation_error",
    "parameter": "flow_id",
    "message": "Record not found",
    "reference": ""
  }
}

Exceeded Maximum Attempts
You have exceeded the maximum number of attempts to verify the OTPs.

{
  "error": {
    "code": "E911",
    "type": "validation_error",
    "parameter": "OTP",
    "message": "Exceeded max number of attempts",
    "reference": ""
  }
}

OTP Expired
You must have entered the expired OTP. Try executing the command with a different OTP.

{
  "error": {
    "code": "E913",
    "type": "validation_error",
    "parameter": "",
    "message": "The OTP has already expired",
    "reference": ""
  }
}

Missing OTP
You have not included the OTP in the request. Enter the OTP and re-execute the command.

{
  "error": {
    "code": "E801",
    "type": "VALIDATION_ERROR",
    "parameter": "otp",
    "message": "otp field is mandatory",
    "reference": ""
  }
}

Missing Verify ID
You have not included the Verify ID in the request. Enter the Verify ID and re-execute the command.

{
  "error": {
    "code": "E800",
    "type": "VALIDATION_ERROR",
    "parameter": "verify_id",
    "message": "verify_id field is mandatory",
    "reference": ""
  }
}

Invalid OTP
You must have entered the incorrect OTP. The OTP must contain only alphanumeric characters. Update the parameter and re-execute the command.

{
  "error": {
    "code": "E803",
    "type": "VALIDATION_ERROR",
    "parameter": "OTP",
    "message": "OTP can contain only alphanumeric values.",
    "reference": ""
  }
}