1. Magic Auth Code
  • Overview
  • Application Guides
    • Frontend
      • Get Started - React App
      • Get Started - HTML and JS
      • Get Started - Angular JS
      • Get Started - Next JS App
    • Backend
      • Get Started - Node JS
      • Get Started - Golang
      • Get Started - ASP.NET
      • Get Started - JAVA
  • Dashboard
    • API Credentials
    • Organization
    • Social Login
    • Customize Email Template
    • Configure Custom Domain
    • IT Admin Portal
  • Authentication
    • Login Widget
    • Magic Link
    • Google Social Login
    • Multi-Factor Authentication
    • Single Sign-On Overview
    • Setup SSO Connection
  • Security
    • Overview
    • Authentication
      • Password Hashing and Storage
      • Multi-Factor Authentication Methods and Implementation
      • Session Management
    • Attack Protection
      • Bot Detection
      • Breached Password Detection
      • Brute Force Protection
      • Log Events
      • Secure JSON Web Tokens (JWT)
      • Secure OpenID Connect (OIDC)
      • Suspicious IP Throttling
    • Data Security
      • Data Encryption At Rest and In Transit
      • Secure Storage of Secrets (Keys, Credentials)
      • Sensitive Data Handling
    • Infrastructure
      • Security Considerations for Cloud Provider or Deployment Model
      • Threat Modeling
  • API References
    • Authentication
      • MagicLink
        • Email a Magic Link
        • Resend Email Magic Link
        • Verify Magic Link
        • Ping Status
      • Magic Auth Code
        • Email a Magic Auth Code
          POST
        • Resend Magic Auth Code
          POST
        • Verify Magic Auth Code
          POST
      • Phone Authentication
        • Send Magic Auth Code via SMS
        • Resend Magic Auth Code via SMS
        • Phone Magic Auth Verify
      • PassKey
        • Initiate Passkey Login
        • Passkey Registration Initialize
        • Finish Passkey Authentication
        • Complete Passkey Registration
        • Check User Passkey Authentication Status
        • List User PassKey Credentials
        • Update Passkey Name
        • Delete Associated Passkey
      • GET Auth Status
        GET
    • Token
      • Refresh Token
      • Access Token By Auth Code
    • Mutli-Factor Authentication (MFA)
      • MFA Access Token
      • List of Authenticators
      • MFA Enroll TOTP
      • Initiate MFA
      • QR Code Image API
      • Validate MFA Token
      • Get Backup Code
    • Role And Permission
      • List All Roles
      • List All Permission
      • Create New Role
      • Update Existing Role
      • Update Permission By Permission Id
      • Remove Organization Role By Role Id
      • Remove Organization Permission By Permission Id
    • User Management
      • List All Users
      • GET User By User Id
      • GET User by User Email Address
      • Create a User
      • Update User by User Id
      • Verify User Status By User Id
      • Delete User By User Id
      • Manage User Roles
      • GET Users Organizations
      • GET User Login Logs
    • Organization
      • Add New Organization
      • Get Organization
      • Get All Organization
      • Update Organization
      • Delete Organization
      • GET Configuration By Client Id
      • GET Configuration By Custom Domain
  1. Magic Auth Code

Verify Magic Auth Code

POST
https://api.ssojet.com/api/v1/auth/passwordless/email-otp/verify

Verify Magic Auth Code for Passwordless Authentication#

This endpoint is used to verify the one-time magic auth code sent to the user's email for passwordless authentication.

Request Body#

state (string): The state associated with the magic auth code request.
otp (string): The one-time magic auth code received by the user via email.

Response#

Upon successful verification, the response will include the user's authentication token and relevant user information.

Response Status Code#

200 OK: Magic link sent successfully.
400 Bad Request: Invalid email format.
500 Internal Server Error: An error occurred while processing the request.

Request

Query Params
client_id
string 
required
This identifies the application making the request to the SSOJET server. You can find your client ID on the API Keys page in the dashboard
Example:
string
Header Params
Content-Type
string 
required
Example:
application/json
User-Agent
string 
required
Example:
SSOJET API
Body Params application/json
state
string 
required
otp
string 
required
Example
{
    "state": "{{sj_state}}",
    "otp": ""
}

Request samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://api.ssojet.com/api/v1/auth/passwordless/email-otp/verify?client_id=string&client_id=' \
--header 'User-Agent: SSOjet/1.0.0 (https://ssojet.com)' \
--header 'Content-Type: application/json' \
--data-raw '{
    "state": "{{sj_state}}",
    "otp": ""
}'

Responses

⚪0Verify Magic Auth Code
application/json
Body
authenticated
boolean 
required
access_token
string 
required
refresh_token
string 
required
token_type
string 
required
expires_at
string 
required
profile
object 
required
id
string 
required
account_id
string 
required
connection_type
string 
required
email
string 
required
first_name
string 
required
last_name
string 
required
created_at
string 
required
modified_at
string 
required
is_active
boolean 
required
LastLoginAt
string 
required
Example
{
    "authenticated": true,
    "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjY1Yzk5NjEzMWNlYzJmZmQwNzE2OGU3NCIsInR5cCI6ImF0K2p3dCJ9.eyJpc3MiOiJtb2pvYXV0aCIsInN1YiI6IjY2OTRiMzExZmM2OTg0YjExNjBlMTQ5NyIsImF1ZCI6IjY1Yzk5MDc2NDc2Nzc5YjhlN2JlNmRjNSIsImV4cCI6MTcyMzYxMzIwMSwibmJmIjoxNzIxMDIxMjAxLCJpYXQiOjE3MjEwMjEyMDEsImp0aSI6IjY2OTRiMzExZmM2OTg0YjExNjBlMTQ5OCIsImNsaWVudF9pZCI6ImNsaV9jbjRwYzRqaG5kYmoxMTI0amRrZy42ODRjOTFmY2MyZTI0NWQ5OWRlNzI3MThlNjg1MjI4ZS5paFJKTTN5N25yQU5QeHVUVzVHVGZFIiwiYXpwIjoiNjVjOTk2MTMxY2VjMmZmZDA3MTY4ZTc0IiwiaXNfdmVyaWZpZWQiOnRydWUsImVtYWlsIjoiYXNkc2Fkc2FAbWFpbDcuaW8iLCJyb2xlcyI6bnVsbCwidGVuYW50SWRzIjpudWxsLCJ0ZW5hbnRJZCI6IiJ9.A4bvqk6BpItkfg1AVSyFVjGgZ34a5YUaOzWeowbcJg8qP_Z-cces1X7lcAuBuHe8EdV9xAnpLybifqrcm62239krHF85zPlACCQS3EadLZqDeNgDiig4h_vhfbvpm20PTxomyplFPUzFMKsWs315MHlz4SttTlEC4QsXNsNEiBzg5Mvf8ulHR9ceBKcHD0v5HGeH6ZnW3VZe6KoGcMgpJt5sx21wLzuk2JGE7atNlzrVgbV5yvGsfKz5jM2fIhAmb1NzhsJdNh9n_3oPA1HH02QfUtRFSTaIsJJbAhN8-eu07jvS7O34uTkfHirAEg21IAT6faja-0YG-dTqxlo6BA",
    "refresh_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjY1Yzk5NjEzMWNlYzJmZmQwNzE2OGU3NCIsInR5cCI6InJ0K2p3dCJ9.eyJpc3MiOiJtb2pvYXV0aCIsInN1YiI6IjY2OTRiMzExZmM2OTg0YjExNjBlMTQ5NyIsImF1ZCI6IjY1Yzk5MDc2NDc2Nzc5YjhlN2JlNmRjNSIsImV4cCI6MTcyMzYxMzIwMSwibmJmIjoxNzIxMDIxMjAxLCJpYXQiOjE3MjEwMjEyMDEsImp0aSI6IjY2OTRiMzExZmM2OTg0YjExNjBlMTQ5OSIsImNsaWVudF9pZCI6ImNsaV9jbjRwYzRqaG5kYmoxMTI0amRrZy42ODRjOTFmY2MyZTI0NWQ5OWRlNzI3MThlNjg1MjI4ZS5paFJKTTN5N25yQU5QeHVUVzVHVGZFIiwiYXpwIjoiNjVjOTk2MTMxY2VjMmZmZDA3MTY4ZTc0IiwiaXNfdmVyaWZpZWQiOnRydWUsImVtYWlsIjoiYXNkc2Fkc2FAbWFpbDcuaW8iLCJyb2xlcyI6bnVsbCwidGVuYW50SWRzIjpudWxsLCJ0ZW5hbnRJZCI6IiJ9.Vj1098_hh2ju1wEdayuHktuLC4eonbTpbKQCstWx7oNEwuDK3xP-nVp5PxCLbRs2QJErF6vE_yARE9iKqB6YJmK3VDdGy4LuwgPzTuYfuSdem2xk5aUmsuSmc3rI0WUDff0K0Yz5_bTQYHxHPhxLUcNnkTeQR64MWIG2KeDWUGgBKFb0cgEHCRLymHnv40XVUODPoUuP2P9iM7PzNIzE92yowM-vHglaRTB9J8yw-wWvqOXY5-C8vayj7zw56Ac2Jcbv8zdp2vwEacvMeDkoQSq2WtISGPndrjonfXcEa55p4bdYpxw94O6XvwO-_lQZLM4RTFmpWH7DjT_zhdGQHQ",
    "token_type": "Bearer",
    "expires_at": "2024-08-14T05:26:41Z",
    "profile": {
        "id": "6694b311fc6984b1160e1497",
        "account_id": "65c99076476779b8e7be6dc5",
        "connection_type": "MagicLink",
        "email": "asdsadsa@mail7.io",
        "first_name": "",
        "last_name": "",
        "created_at": "2024-07-15T05:26:41.367629571Z",
        "modified_at": "2024-07-15T05:26:41.367629571Z",
        "is_active": true,
        "LastLoginAt": "2024-07-15T05:26:41.367629571Z"
    }
}
Modified at 2024-07-22 11:04:03
Previous
Resend Magic Auth Code
Next
Send Magic Auth Code via SMS
Built with