Verify OTP

Endpoint
Request Body
Implementation Example
Possible Responses
Security Considerations

Once the user receives the OTP via SMS, your application must submit the code along with the sessionId for validation. A successful verification marks the session as used and prevents any further attempts.

Endpoint

Method: POST
Path: /v1/messaging/otp/verify

Request Body

Field	Type	Required	Description
`sessionId`	`string`	Yes	The UUID returned from the `/request` endpoint.
`code`	`string`	Yes	The 6-digit code provided by the user.

Implementation Example

curl -X POST https://api.zeckta.com/v1/messaging/otp/verify \
  -H "Content-Type: application/json" \
  -d '{
    "sessionId": "550e8400-e29b-41d4-a716-446655440000",
    "code": "123456"
  }'

Possible Responses

VERIFIED
INVALID
EXPIRED
LOCKED

Security Considerations

Always use HTTPS.
OTP sessions are single-use.
Do not store sessionId beyond its lifecycle.
Implement backend attempt throttling.
Avoid exposing detailed failure reasons to end users.

Send OTP Token Audience Management

Introduction

Authentication

Messaging

OTP Service

Audience Management

Errors

FAQs

Support

Endpoint

Request Body

Implementation Example

Possible Responses

Security Considerations

Introduction

Authentication

Messaging

OTP Service

Audience Management

Errors

FAQs

Support

​Endpoint

​Request Body

​Implementation Example

​Possible Responses

​Security Considerations

Endpoint

Request Body

Implementation Example

Possible Responses

Security Considerations