Skip to main content

Endpoint

POST /passwordless/verify
This feature is disabled by default for new tenants as of 8 June 2017. Please see Application Grant Types for more information.
Once you have a verification code, use this endpoint to login the user with their phone number/email and verification code. This is active authentication, so the user must enter the code in your app.

Remarks

  • The profile scope value requests access to the End-User’s default profile Claims, which are: name, family_name, given_name, middle_name, nickname, preferred_username, profile, picture, website, gender, birthdate, zoneinfo, locale, and updated_at.
  • The email scope value requests access to the email and email_verified Claims.
  • The sample auth0.js script uses the library version 8. If you are using auth0.js version 7, please see this reference guide.

Learn More

Body Parameters

grant_type
string
required
Grant type, must be password.
client_id
string
required
The client_id of your application.
connection
string
required
Use sms or email (should be the same as POST /passwordless/start).Allowed values: email, sms
username
string
required
The user’s phone number if connection=sms, or the user’s email if connection=email.
password
string
required
The user’s verification code.
scope
string
Use openid to get an ID Token, or openid profile email to include user profile information in the ID Token.
redirect_uri
string
required
Callback URL registered with your application’s Allowed Callback URLs.

Response Messages