POST /api/v1/users/{userId}/factors/{factorId}/verify
Verifies an OTP for a factor. Some factors (call, email, push, sms, u2f, and webauthn) must first issue a challenge before you can verify the factor. Do this by making a request without a body. After a challenge is issued, make another request to verify the factor.
Notes:
- You can send standard push challenges or number matching push challenges to Okta Verify
pushfactor enrollments. Use a request body for number matching push challenges.- To verify a
pushfactor, use the poll link returned when you issue the challenge. See Retrieve a factor transaction status.
Servers
- https://{yourOktaDomain}
Path parameters
| Name | Type | Required | Description |
|---|---|---|---|
userId |
String | Yes |
ID of an existing Okta user |
factorId |
String | Yes |
ID of an existing user factor |
Request headers
| Name | Type | Required | Description |
|---|---|---|---|
X-Forwarded-For |
String | No |
Public IP address for the user agent |
Content-Type |
String | Yes |
The media type of the request body.
Default value: "application/json" |
User-Agent |
String | No |
Type of user agent detected when the request is made. Required to verify |
Accept-Language |
String | No |
An ISO 639-1 two-letter language code that defines a localized message to send. This parameter is only used by |
Query parameters
| Name | Type | Required | Description |
|---|---|---|---|
templateId |
String | No |
ID of an existing custom SMS template. See the SMS Templates API. This parameter is only used by |
tokenLifetimeSeconds |
Integer | No |
Defines how long the token remains valid Default value: 300 |
How to start integrating
- Add HTTP Task to your workflow definition.
- Search for the API you want to integrate with and click on the name.
- This loads the API reference documentation and prepares the Http request settings.
- Click Test request to test run your request to the API and see the API's response.