Skip to main content
POST
/
v1
/
public
/
otp
/
verify
Verify OTP
curl --request POST \
  --url https://api.flexype.io/v1/public/otp/verify \
  --header 'Content-Type: application/json' \
  --data '
{
  "context_id": "550e8400-e29b-41d4-a716-446655440000",
  "otp": "1234",
  "session_id": "5223aec7-bb78-4344-be18-8023eb8f22ae"
}
'
{
  "status": "SUCCESS",
  "data": {
    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "expires_in": 3600,
    "user_id": "8f14e45f-ceea-467f-9a36-dedd4f8c4e88",
    "user": {
      "id": "8f14e45f-ceea-467f-9a36-dedd4f8c4e88",
      "phone": "9876543210",
      "dial_code": "91",
      "phone_verified": true,
      "user_type": "CUSTOMER"
    }
  }
}
On success the user session is marked as logged in and JWT tokens are returned. The OTP must be verified within 10 minutes of sending; after 3 failed attempts a new OTP must be requested.

Save the tokens

Persist the tokens immediately under the keys flexy_access and flexy_refresh. 
document.cookie = `flexy_access=${access_token}; path=/; max-age=3600`;
document.cookie = `flexy_refresh=${refresh_token}; path=/; max-age=2592000`;
TokenExpiration
flexy_access1 hour
flexy_refresh30 days

Body

application/json
context_id
string<uuid>
required

UUID from Send OTP or Resend OTP.

Example:

"550e8400-e29b-41d4-a716-446655440000"

otp
string
required

4-digit code sent to the customer.

Example:

"1234"

session_id
string<uuid>

Optional cart session ID to associate with the user.

Example:

"5223aec7-bb78-4344-be18-8023eb8f22ae"

Response

OTP verified. Authentication tokens returned.

status
string
Example:

"SUCCESS"

data
object