Verify
:::note This feature is disabled by default for new tenants as of 8 June 2017. Please see Application Grant Types for more information. :::
Once you have a verification code, use this endpoint to login the user with their phone number/email and verification code. This is active authentication, so the user must enter the code in your app.
Remarks
- The
profilescope value requests access to the End-User’s default profile Claims, which are:name,family_name,given_name,middle_name,nickname,preferred_username,profile,picture,website,gender,birthdate,zoneinfo,locale, andupdated_at. - The
emailscope value requests access to theemailandemail_verifiedClaims. - The sample auth0.js script uses the library version 8. If you are using auth0.js version 7, please see this reference guide.
Learn More
Authorizations
Access token obtained from the authentication flow
Body
Grant type, must be password.
"password"
The client_id of your application.
"${account.clientId}"
Use sms or email (should be the same as POST /passwordless/start).
email, sms "email"
The user's phone number if connection=sms, or the user's email if connection=email.
"USER_EMAIL_OR_PHONE"
The user's verification code.
"VERIFICATION_CODE"
Callback URL registered with your application's Allowed Callback URLs.
"https://yourapp.com/callback"
Use openid to get an ID Token, or openid profile email to include user profile information in the ID Token.
"openid profile"
Response
User authenticated successfully.