Verify a challenge

curl --request POST \
  --url https://{defaultHost}/v1/auth/{app_id}/challenges/{token}/verify

{
  "access": "<string>",
  "refresh": "<string>",
  "csrf": "<string>",
  "access_expires_at": "2023-11-07T05:31:56Z",
  "refresh_expires_at": "2023-11-07T05:31:56Z",
  "user_id": "<string>",
  "challenge": {
    "token": "ch_abc123xyz789",
    "status": "pending",
    "purpose": "authenticate",
    "method": "email_otp",
    "expires_at": "2023-11-07T05:31:56Z",
    "remaining_attempts": 3,
    "time_remaining": 540,
    "intent": "<string>",
    "delivery_required": true
  },
  "mfa_required": true,
  "mfa_challenge": {
    "token": "ch_abc123xyz789",
    "status": "pending",
    "purpose": "authenticate",
    "method": "email_otp",
    "expires_at": "2023-11-07T05:31:56Z",
    "remaining_attempts": 3,
    "time_remaining": 540,
    "intent": "<string>",
    "delivery_required": true
  },
  "available_methods": [
    "totp",
    "sms",
    "email"
  ],
  "status": "completed",
  "intent": "<string>",
  "intent_fields": {}
}

POST

auth

{app_id}

challenges

{token}

verify

Verify a challenge

curl --request POST \
  --url https://{defaultHost}/v1/auth/{app_id}/challenges/{token}/verify

{
  "access": "<string>",
  "refresh": "<string>",
  "csrf": "<string>",
  "access_expires_at": "2023-11-07T05:31:56Z",
  "refresh_expires_at": "2023-11-07T05:31:56Z",
  "user_id": "<string>",
  "challenge": {
    "token": "ch_abc123xyz789",
    "status": "pending",
    "purpose": "authenticate",
    "method": "email_otp",
    "expires_at": "2023-11-07T05:31:56Z",
    "remaining_attempts": 3,
    "time_remaining": 540,
    "intent": "<string>",
    "delivery_required": true
  },
  "mfa_required": true,
  "mfa_challenge": {
    "token": "ch_abc123xyz789",
    "status": "pending",
    "purpose": "authenticate",
    "method": "email_otp",
    "expires_at": "2023-11-07T05:31:56Z",
    "remaining_attempts": 3,
    "time_remaining": 540,
    "intent": "<string>",
    "delivery_required": true
  },
  "available_methods": [
    "totp",
    "sms",
    "email"
  ],
  "status": "completed",
  "intent": "<string>",
  "intent_fields": {}
}

Path Parameters

app_id

string

required

App ID

token

string

required

Challenge token

Response

verification successful - step-up/custom

access

string

JWT access token

refresh

string

JWT refresh token

csrf

string

CSRF token

access_expires_at

string<date-time>

refresh_expires_at

string<date-time>

user_id

string

App user ID

challenge

object

Show child attributes

mfa_required

boolean

Example:

true

mfa_challenge

object

Show child attributes

available_methods

string[]

Available MFA methods for the user

Example:

["totp", "sms", "email"]

status

string

Example:

"completed"

intent

string

The custom intent name

intent_fields

object

Intent-specific data

Cancel a challenge Resend challenge

⌘I

Objects

API Keys

Apps

Auth Providers

Challenges

Session Management

WebAuthn

Magic Links

OAuth

OTP

Tokens

Workspace Sessions

RSA Keys

Events

M2M Sessions

Message Service Providers

Notifications

User Meta Fields

Users

Verification

Webhooks

Workspace Apps

Workspace Memberships

Workspaces

Verify a challenge

Path Parameters

Response