OTP

Verify OTP

Verify a submitted email code against the live idempotent OTP record.

Copy page
POST/v1/verify

Verify code

cURL
curl --request POST \
  --url https://api.sendotp.email/v1/verify \
  --header "Authorization: Bearer $SENDOTP_API_KEY" \
  --header "Content-Type: application/json" \
  --data '{"email":"[email protected]","purpose":"report-access","code":"493021"}'

200

The submitted code matched.
{
  "valid": true
}

Overview

Checks the code for the normalized email and purpose, rejects expired records, and tracks failed attempts until the configured limit is reached.

Authorization

Bearer API keyAuthorizationrequired

Use the same server API key model as send. Verification should happen from your backend.

Request

emailstringrequired

Email address originally used to request the code.

purposestringrequired

The exact purpose used when the code was sent.

codestringrequired

Code entered by the user from their email.

Responses

200

The submitted code matched.

{
  "valid": true
}
200

The code was expired, wrong, or over the attempt limit.

{
  "valid": false,
  "reason": "expired"
}