--- title: "Validate eKYC OTP API Reference" description: "Confirm sender eKYC by verifying the OTP sent to the Aadhaar-linked mobile." canonical: "https://eps.eko.in/docs/dmt-fino-validate-ekyc-otp" --- > **Canonical URL:** https://eps.eko.in/docs/dmt-fino-validate-ekyc-otp > This is a machine-readable Markdown version of the page for AI agents and LLMs. The primary (HTML) version lives at the canonical URL above. # Validate eKYC OTP API Reference `PUT https://staging.eko.in/ekoapi/v3/customer/payment/dmt-fino/sender/{customer_id}/otp/verify` Confirm sender eKYC by verifying the OTP sent to the Aadhaar-linked mobile. Final step of the sender eKYC flow. Submit the OTP received on the Aadhaar-linked mobile number along with the otp_ref_id and kyc_request_id from the Sender eKYC response. On success the sender's account is upgraded to fully KYC-verified status with a ₹25,000 monthly limit. > View product & pricing details: [Domestic Money Transfer (DMT)](https://eps.eko.in/products/dmt-api.md) ## Path parameters | Field | Type | Required | Description | | --- | --- | --- | --- | | customer_id | string | yes | Sender's 10-digit mobile number. e.g. 9123456789 | ## Body parameters | Field | Type | Required | Description | | --- | --- | --- | --- | | initiator_id | string | yes | Registered mobile number of the API user (see Platform Credentials). e.g. 9962981729 | | user_code | string | yes | User code of the retailer/agent the service is run for. e.g. 20810200 | | client_ref_id | string | no | Unique reference id per API call, generated by your system. e.g. REQ-20260101-001 | | otp | string | yes | One-time password received on the sender's Aadhaar-linked mobile number. e.g. 784512 | | otp_ref_id | string | yes | OTP reference ID returned by the Sender eKYC (or Onboard Sender) API call. e.g. OTPREF20240101001 | | kyc_request_id | string | yes | KYC request identifier returned by the Sender eKYC API call. e.g. KYC20240101001 | ## Headers | Field | Type | Required | Description | | --- | --- | --- | --- | | developer_key | string | yes | Static API key issued to your account after KYC. | | secret-key | string | yes | Dynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))). | | secret-key-timestamp | string | yes | Current time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time. | | content-type | string | yes | application/json e.g. application/json | ## Response ⭐ marks fields highlighted as verifiable. | Field | Type | Description | | --- | --- | --- | | status | number | Primary success indicator (0 = success). | | message | string | Human-readable response / error message. | | response_status_id | number | Granular status id; see the shared error-codes table. | | response_type_id | number | A unique id for every possible response shape (success or error) — useful for client logic branching and analytics. | | data | object | API-specific response payload. | | data.customer_id | string | Sender's mobile number (echoed back). | | data.kyc_verified ⭐ | boolean | Confirms successful eKYC completion. | | data.available_limit ⭐ | number | Updated monthly transfer limit after KYC (in INR). | ## Example request ```json { "initiator_id": "9962981729", "user_code": "20810200", "client_ref_id": "REQ-20260101-001", "otp": "784512", "otp_ref_id": "OTPREF20240101001", "kyc_request_id": "KYC20240101001" } ``` ## Example response ```json { "status": 0, "response_status_id": 0, "message": "eKYC verification successful", "response_type_id": 1388, "data": { "customer_id": "9123456789", "kyc_verified": true, "available_limit": 25000 } } ``` ## Error scenarios | Status | Scenario | | --- | --- | | 200 | Incorrect OTP entered | | 200 | OTP has expired |