Verify User Authentication OTP - Onboard Developer Documentation

POST

auth

user-auth

verify-otp

curl --request POST \
  --url https://onboard-external-dev.api.nestcoin.io/auth/user-auth/verify-otp \
  --header 'Content-Type: application/json' \
  --header 'x-signature: <api-key>' \
  --data '{
  "authSessionId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "otp": "<string>"
}'

{
  "userId": "<string>",
  "accessToken": {
    "token": "<string>",
    "expiry": "2023-11-07T05:31:56Z"
  },
  "refreshToken": {
    "token": "<string>",
    "expiry": "2023-11-07T05:31:56Z"
  }
}

Verifies the OTP provided by a user for authentication during sign-in or sign-up.

This endpoint is specifically for user authentication (logging in or signing up).

Do not confuse it with the 2FA OTP endpoint, which generates OTPs for verifying sensitive account actions (e.g., updating payment methods).

Authorizations

x-signature

string

header

required

Body

application/json

authSessionId

string

required

The log in session ID of the user, valid for the duration of the OTP validity

otp

string

required

The verification code sent to user (partner) email

Response

200

application/json

Success

userId

string

required

Onboard unique User ID

accessToken

object

required

refreshToken

object

required

Initiate user authentication Resend User Authentication OTP

curl --request POST \
  --url https://onboard-external-dev.api.nestcoin.io/auth/user-auth/verify-otp \
  --header 'Content-Type: application/json' \
  --header 'x-signature: <api-key>' \
  --data '{
  "authSessionId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "otp": "<string>"
}'

{
  "userId": "<string>",
  "accessToken": {
    "token": "<string>",
    "expiry": "2023-11-07T05:31:56Z"
  },
  "refreshToken": {
    "token": "<string>",
    "expiry": "2023-11-07T05:31:56Z"
  }
}

Onboard Connect APIs

Authorizations

Body

Response