Pricing Templates

POST /api/v1/users/{userId}/factors/{factorId}/verify

Verifies an OTP for a Factor. Some Factors (call, email, push, sms, u2f, and webauthn) must first issue a challenge before you can verify the Factor. Do this by making a request without a body. After a challenge is issued, make another request to verify the Factor.

Note: To verify a push factor, use the poll link returned when you issue the challenge. See Retrieve a Factor Transaction Status.

Servers

https://{yourOktaDomain}

Path parameters

Name	Type	Required	Description
`userId`	String	Yes	ID of an existing Okta user
`factorId`	String	Yes	ID of an existing user Factor

Request headers

Name	Type	Required	Description
`X-Forwarded-For`	String	No	Public IP address for the user agent
`Content-Type`	String	Yes	The media type of the request body. Default value: "application/json"
`User-Agent`	String	No	Type of user agent detected when the request is made. Required to verify `push` Factors.
`Accept-Language`	String	No	An ISO 639-1 two-letter language code that defines a localized message to send. This parameter is only used by `sms` Factors. If a localized message doesn't exist or the `templateId` is incorrect, the default template is used instead.

Query parameters

Name Type Required Description

Name	Type	Required	Description
`templateId`	String	No	ID of an existing custom SMS template. See the SMS Templates API. This parameter is only used by `sms` Factors.
`tokenLifetimeSeconds`	Integer	No	Defines how long the token remains valid Default value: 300

templateId

String

No

ID of an existing custom SMS template. See the SMS Templates API. This parameter is only used by sms Factors.

tokenLifetimeSeconds

Integer

No

Defines how long the token remains valid

Default value: 300

Request body fields

Name	Type	Required	Description
`passCode`	String	No	OTP for the current time window
`authenticatorData`	String	No	Base64-encoded authenticator data from the WebAuthn authenticator
`clientData`	String	No	Base64-encoded client data from the U2F token
`signatureData`	String	No	Base64-encoded signature data from the U2F token
`answer`	String	No	Answer to the question
`nextPassCode`	String	No

How to start integrating

Add HTTP Task to your workflow definition.
Search for the API you want to integrate with and click on the name.
- This loads the API reference documentation and prepares the Http request settings.
Click Test request to test run your request to the API and see the API's response.

All third party trademarks (including logos and icons) are the property of their respective owners, which do not sponsor, authorize, or endorse this website.

Pricing Templates Integrations Blog Contact Us Help

Terms of Service Privacy Policy