Documentation version: Latest (v1)
API endpoint
Verify instant OTP
Consumes OTP session and marks verification complete.
POST/api/v1/instant-otp/verify
Auth: Bearer public OTP token OR server API key with server_otp scope
Required headers
| Header | Required | Value | Description |
|---|---|---|---|
| Authorization | Yes | Bearer <token> | API key, server OTP key, or public OTP token depending on endpoint. |
| Content-Type | Yes | application/json | All POST requests expect JSON payloads. |
Request body
| Field | Type | Required | Description |
|---|---|---|---|
| sessionId | string | Yes | Session id returned by send. |
| string | Yes | Email from send call. | |
| code | string | Yes | OTP code entered by user. |
Code examples (all supported languages)
Snippets use placeholder tokens. Replace them with real credentials from your dashboard.
curl -X POST "https://risumail.risu.in/api/v1/instant-otp/verify" \
-H "Authorization: Bearer risu_otp_PUBLIC_TOKEN" \
-H "Content-Type: application/json" \
-d '{"sessionId":"otp_sess_01J...","email":"user@example.com","code":"123456"}'Response schema
Canonical schema inferred from the documented success payload. Copy this block when generating typed clients.
{
"type": "object",
"required": [
"success",
"data"
],
"properties": {
"success": {
"type": "boolean"
},
"data": {
"type": "object",
"required": [
"verified"
],
"properties": {
"verified": {
"type": "boolean"
}
}
}
}
}Success response example
{
"success": true,
"data": {
"verified": true
}
}Common error cases
| Status | Code | When |
|---|---|---|
| 400 | INVALID_CODE | Malformed or wrong OTP code. |
| 404 | SESSION_NOT_FOUND | Expired or unknown session id. |
| 429 | RATE_LIMITED | Repeated failed verification attempts. |
Implementation notes
- Verify accepts same auth styles as send route.