Skip to main content
POST
/
v1
/
auth
/
{app_id}
/
challenges
/
{token}
/
verify
Verify a challenge
curl --request POST \
  --url https://{defaultHost}/v1/auth/{app_id}/challenges/{token}/verify
{
  "access": "<string>",
  "refresh": "<string>",
  "csrf": "<string>",
  "access_expires_at": "2023-11-07T05:31:56Z",
  "refresh_expires_at": "2023-11-07T05:31:56Z",
  "user_id": "<string>",
  "challenge": {
    "token": "ch_abc123xyz789",
    "status": "pending",
    "purpose": "authenticate",
    "method": "email_otp",
    "expires_at": "2023-11-07T05:31:56Z",
    "remaining_attempts": 3,
    "time_remaining": 540,
    "intent": "<string>",
    "delivery_required": true
  },
  "mfa_required": true,
  "mfa_challenge": {
    "token": "ch_abc123xyz789",
    "status": "pending",
    "purpose": "authenticate",
    "method": "email_otp",
    "expires_at": "2023-11-07T05:31:56Z",
    "remaining_attempts": 3,
    "time_remaining": 540,
    "intent": "<string>",
    "delivery_required": true
  },
  "available_methods": [
    "totp",
    "sms",
    "email"
  ],
  "status": "completed",
  "intent": "<string>",
  "intent_fields": {}
}

Documentation Index

Fetch the complete documentation index at: https://docs.scute.io/llms.txt

Use this file to discover all available pages before exploring further.

Path Parameters

app_id
string
required

App ID

token
string
required

Challenge token

Response

verification successful - step-up/custom

access
string

JWT access token

refresh
string

JWT refresh token

csrf
string

CSRF token

access_expires_at
string<date-time>
refresh_expires_at
string<date-time>
user_id
string

App user ID

challenge
object
mfa_required
boolean
Example:

true

mfa_challenge
object
available_methods
string[]

Available MFA methods for the user

Example:
["totp", "sms", "email"]
status
string
Example:

"completed"

intent
string

The custom intent name

intent_fields
object

Intent-specific data