Send OTP

From docs
Jump to: navigation, search

Send Two-Factor Verification Code

Base URL

https://apimobile.callproof.com

Endpoint

/api/v1/verify-code

Purpose

Sends a six-digit verification code to a registered user's email address.

The code is used to complete two-factor authentication for mobile access. The API supports both initial code requests and resend requests.

Request limits are applied separately to initial and resend requests. Normally, up to three requests of each type may be made per day.

HTTP Method

POST

Headers

Header Required Description
Authorization Yes Bearer access token.
Content-Type Yes application/x-www-form-urlencoded or application/json.

Security

  • Yes – Requires Bearer Token authentication.
  • The access token must be active and unexpired.
  • The authenticated user and associated company account must be active.
  • Completed two-factor verification is not required to call this endpoint.

Parameters

Request Body Fields

Parameter Type Required Description
email string Yes A registered email address that will receive the verification code.
type string Yes Indicates whether to send an initial code or resend a code.

Supported Type Values

Value Meaning
send-verification-code Sends an initial verification code.
resend-verification-code Sends another verification code.

Successful Response (200)

Confirms that a six-digit verification code was generated and sent to the supplied registered email address.

Response Field Type Description
clientStatusCode integer Business-level response status. A successful request returns 200.
user_id integer The authenticated user's unique identifier.
company_id integer The company associated with the authenticated user.
message string Confirmation message. The successful value is Verification Code Sent Successfully.
uri string The URL of the verification-code request.

Error Responses

HTTP Status Code Client Status Code Meaning
200 401 The required email field was not supplied.
200 401 The required type field was not supplied.
200 401 The supplied email address is not registered.
200 400 The verification-code request limit was reached.
200 400 The supplied type value is unsupported.
200 400 The verification email could not be sent.
401 401 The Bearer token is missing or invalid.
401 401 The access token has expired.
401 401 The authenticated user or company account is disabled.
401 401 A required client application update must be installed.

Error Response Fields

Response Field Type Description
clientStatusCode integer The business-level error status, commonly 400 or 401.
error.code integer The business error code.
error.message string A plain-language explanation of why the verification code could not be sent.
uri string The URL of the request.

Common Error Codes

Error Code Meaning
1500 Authentication, validation, email lookup, or code-delivery failure.
1800 The user or company account is disabled.
8000 The access token has expired.
9000 A required client application update is available.