Create a challenge

curl --request POST \
  --url https://{defaultHost}/v1/auth/{app_id}/challenges

{
  "challenge": {
    "token": "ch_abc123xyz789",
    "expires_at": "2023-11-07T05:31:56Z",
    "remaining_attempts": 3,
    "time_remaining": 540,
    "intent": "<string>",
    "delivery_required": true
  }
}

Challenges

Create a challenge

Create a new challenge for authentication, MFA, step-up verification, or custom flows.

Purposes:

authenticate - Primary login verification (returns session tokens on success)
mfa - Second factor after primary auth (returns session tokens on success)
step_up - Re-verify identity for sensitive actions
verify_contact - Verify email/phone ownership
verify_identity - KYC/identity verification
change_identifier - Verify new email/phone before updating
custom - Custom verification with callback

Methods:

email_otp - Send OTP code via email
sms_otp - Send OTP code via SMS
magic_link - Send magic link via email
totp - Time-based OTP (authenticator app)
backup_code - Use backup recovery code
webauthn - Passkey/security key verification
push - Push notification approval

POST

auth

{app_id}

challenges

Create a challenge

curl --request POST \
  --url https://{defaultHost}/v1/auth/{app_id}/challenges

{
  "challenge": {
    "token": "ch_abc123xyz789",
    "expires_at": "2023-11-07T05:31:56Z",
    "remaining_attempts": 3,
    "time_remaining": 540,
    "intent": "<string>",
    "delivery_required": true
  }
}

Path Parameters

app_id

string

required

App ID

Response

challenge created

challenge

object

Show child attributes

Upsert auth provider Get challenge status