Verify Login
API usage for verifying the login OTP for the user. login OTP is sent to the user's email.
Overview
This API endpoint allows you to verify the user login to using User’s email and otp verification.
- HTTP Method: POST
- Endpoint:
/api/<VERSION>/auth/verify-otp
Request Body Parameters
verificationToken
(required):verificationToken
from Login endpoints.otp
(required): otp sent to the user's email.
Example Request Body
{
"verificationToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0YjUxNGY0MzU4ZGVjY2FkYWY4MDA5MSIsImVtYWlsIjoiZGVuZGl0b3BydG1AZ21haWwuY29tIiwibmFtZSI6IkRlbmRpdG8gUHJhdGFtYSIsInJvbGUiOiJhZG1pbiIsInBvbGljeSI6IjY0OTE0YTY3Z...",
"otp": "123456"
}
Request
Request Headers
x-client-secret
(required): Client secret which was generated when register in Xellar Embedded Wallet API Service Dashboard.
Example Request Syntax
curl -X POST -H "Content-Type: application/json" -H "x-client-secret: $YOUR_CLIENT_SECRET" -d '{
"verificationToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6I...",
"otp": "123456"
}' <BASE_URL>/api/<VERSION>/auth/verify-otp
Response
The response will include a JSON object with the following properties:
status
(number): The HTTP status code of the response (e.g., 200 for success).message
(string): A message providing additional information about the operation.data
(object): An object containing theaccessToken
,walletToken
andisWalletCreated
.data.isWalletCreated
(bool): A boolean value to determine whether the wallet is already created or not.data.refreshToken
(string): A string contains the refresh token which will be used for generating the newwalletToken
after every wallet operation executed.data.walletToken
(string): the wallet token access used to access the wallet operations.data.rampableAccessToken
: JWT token used to access the Rampable Operation endpoint. This token will only be available if the account already create a rampable account and the organization has enabled the rampable feature.data.address
(string): (Version 1 only) the wallet address of the user.data.addresses
(array): (Version 2 only) the wallet addresses of the user. The array contains the network and address of the wallet.
Example Response
below is an example response if the users successfully verified the OTP but they have not created any wallet yet
{
"status": 200,
"message": "ok",
"data": {
"rampableAccessToken": "your_rampable_access_token_here",
"accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6.....",
"isWalletCreated": false
}
}
below is an example response if the users successfully verified the OTP and they have already created their wallets
{
"status": 200,
"message": "ok",
"data": {
"rampableAccessToken": "your_rampable_access_token_here",
"walletToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6.....",
"isWalletCreated": true,
"address": "0x123546..."
}
}
📝
This response only works on v2
{
"status": 200,
"message": "ok",
"data": {
"rampableAccessToken": "your_rampable_access_token_here",
"refreshToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6.....",
"walletToken": "eyJhbfsf838JsjFyhsmmfjsHWEyuI1NasdaJ9.eyJpZCI6.....",
"isWalletCreated": true,
"addresses": [
{
"network": "evm",
"address": "0x123546..."
},
{
"network": "solana",
"address": "Af3sdf8JsjF..."
},
{
"network": "bitcoin",
"address": "bc1q3sdf8JsjF..."
}
]
}
}