Examples

Verify a one-time password (OTP) for a user. The example below shows how to verify an OTP using the request_id and the user-provided OTP.

curl --request POST \
--url https://api.eu.xtremepush.com/api/otp/verify \
--header 'content-type: application/json' \
--data '{
    "apptoken": "YOUR_APPTOKEN",
    "request_id": "<otp-request-id-from-generate-result>",
    "otp": "<user-entered-otp>"
}'

Example Use Case

Use this endpoint to validate the OTP entered by a user during login or transaction confirmation. Replace <otp-request-id-from-generate-result> and <user-entered-otp> with actual values from your application.

Verification results from the OTP Verify API

Success

Code: 200
Description: The OTP is correct and has not expired.
Response:

curl --request POST \
--url https://api.eu.xtremepush.com/api/otp/verify \
--header 'content-type: application/json' \
--data '{  
  "success": true,  
  "code": 200,  
  "status": "success"  
}'

Incorrect OTP

Code: 200
Description: The OTP entered by the user does not match the generated OTP.
Response:

curl --request POST \
--url https://api.eu.xtremepush.com/api/otp/verify \
--header 'content-type: application/json' \
--data '{  
  "success": false,  
  "code": 200,  
  "status": "failure",  
  "error": "Incorrect OTP"  
}'

Expired OTP

Code: 200
Description: The OTP has expired based on the expiration time set during generation.
Response:

curl --request POST \
--url https://api.eu.xtremepush.com/api/otp/verify \
--header 'content-type: application/json' \
--data '{  
  "success": false,  
  "code": 200,  
  "status": "failure",  
  "error": "OTP expired"  
}'

Verification Limit Exceeded

Code: 200
Description: The OTP has exceeded the allowed number of verification attempts.
Response:

curl --request POST \
--url https://api.eu.xtremepush.com/api/otp/verify \
--header 'content-type: application/json' \
--data '{  
  "success": false,  
  "code": 200,  
  "status": "failure",  
  "error": "Verification attempts exceeded"  
}'