PUTVerify OTP
Verify the OTP entered by the customer and receive a signed verification token for downstream use.
Validates the OTP sent by the Send OTP API. On success (status = 0) it returns a signed JWT otp_verification_token containing the verified mobile and a unique token id. The token is valid for 5 minutes and acts as proof that OTP verification was performed — pass it to any transaction that depends on a verified mobile, and use the Validate OTP-Verification-Token API to confirm its authenticity.
Body parameters
| Field | Type | Required | Description |
|---|---|---|---|
initiator_id | string | required | Registered mobile number of the API user (see Platform Credentials).e.g. 9962981729 |
otpOTP | string | required | The OTP value the customer received via SMS from the Send OTP API.e.g. 3643 |
mobileMobile Number | string | required | The same 10-digit mobile number the OTP was sent to.e.g. 9002336768 |
initiator_idstringRequiredRegistered mobile number of the API user (see Platform Credentials).
example: 9962981729
otpstringRequired· OTPThe OTP value the customer received via SMS from the Send OTP API.
example: 3643
mobilestringRequired· Mobile NumberThe same 10-digit mobile number the OTP was sent to.
example: 9002336768
Headers
| Field | Type | Required | Description |
|---|---|---|---|
developer_key | string | required | Static API key issued to your account after KYC. |
secret-key | string | required | Dynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))). |
secret-key-timestamp | string | required | Current time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time. |
content-type | string | required | application/jsone.g. application/json |
developer_keystringRequiredStatic API key issued to your account after KYC.
secret-keystringRequiredDynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))).
secret-key-timestampstringRequiredCurrent time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time.
content-typestringRequiredapplication/json
example: application/json
Responses
statusnumberPrimary success indicator (0 = success).
messagestringHuman-readable response / error message.
response_status_idnumberGranular status id; see the shared error-codes table.
response_type_idnumberA unique id for every possible response shape (success or error) — useful for client logic branching and analytics.
dataobjectAPI-specific response payload.
client_ref_idstringUnique reference id for this OTP flow, echoed back.
otp_verification_tokenstringSigned JWT proving the OTP was verified. Contains the verified mobile and a unique token id; valid for 5 minutes. Validate it with the Validate OTP-Verification-Token API.
initiator_idstringRegistered mobile number of the API user that initiated the call.
mobilestringThe mobile number that was verified.
tidstringUnique transaction id for this verification.