Check Verification Code

From docs
Jump to: navigation, search

Verify Two-Factor Authentication Code

Base URL

https://apimobile.callproof.com

Endpoint

/api/v1/check-verification-code

Purpose

Validates a six-digit verification code previously sent to a registered email address.

When verification succeeds, the supplied mobile device is recognized as having completed two-factor authentication. This allows the user to access APIs protected by two-factor verification.

The verification code remains valid for three minutes.

HTTP Method

POST

Headers

Header Required Description
Authorization Yes Bearer access token.
Content-Type Yes application/x-www-form-urlencoded or application/json.

Security

  • Yes – Requires Bearer Token authentication.
  • The access token must be active and unexpired.
  • The authenticated user and associated company account must be active.
  • Completed two-factor verification is not required because this endpoint performs the verification.

Parameters

Request Body Fields

Parameter Type Required Description
email string Yes The registered email address to which the verification code was sent.
verification_code string Yes The six-digit verification code received by email.
device_id_app string Yes The mobile device notification token used to associate successful verification with the device.

Successful Response (200)

Confirms that the verification code is valid and that two-factor authentication was completed successfully for the supplied device.

The verified device may remain recognized for up to one year.

Response Field Type Description
clientStatusCode integer Business-level response status. Successful verification returns 200.
user_id integer The authenticated user's unique identifier.
company_id integer The company associated with the authenticated user.
message string Confirmation message. The successful value is Code Verified Successfully.
uri string The URL of the verification request.

Error Responses

HTTP Status Code Client Status Code Meaning
200 401 The required email field was not supplied.
200 401 The required verification_code field was not supplied.
200 401 The required device_id_app field was not supplied.
200 401 The supplied email address is not registered.
200 401 The verification code does not match the supplied email address.
200 400 The verification code is more than three minutes old.
200 400 The verification result could not be recorded.
401 401 The Bearer token is missing or invalid.
401 401 The access token has expired.
401 401 The authenticated user or company account is disabled.
401 401 A required client application update must be installed.

Error Response Fields

Response Field Type Description
clientStatusCode integer The business-level error status, commonly 400 or 401.
error.code integer The business error code.
error.message string A plain-language explanation of the verification failure.
uri string The URL of the request.

Common Error Messages

Message Meaning
Email Does Not Exist The supplied email address is not registered.
Invalid code. Please try again. The supplied code does not match the email address.
Verification Code Expired! The code is more than three minutes old.

Common Error Codes

Error Code Meaning
1500 Authentication, validation, email lookup, or code verification failed.
1800 The user or company account is disabled.
8000 The access token has expired.
9000 A required client application update is available.