Skip to main content
POST
/
signin
/
mfa
/
totp
Verify TOTP for MFA
curl --request POST \
  --url https://{subdomain}.auth.{region}.nhost.run/v1/signin/mfa/totp \
  --header 'Content-Type: application/json' \
  --data '{
  "ticket": "<string>",
  "otp": "<string>"
}'
{
  "session": {
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "accessTokenExpiresIn": 900,
    "refreshTokenId": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24",
    "refreshToken": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24",
    "user": {
      "avatarUrl": "https://myapp.com/avatars/user123.jpg",
      "createdAt": "2023-01-15T12:34:56Z",
      "defaultRole": "user",
      "displayName": "John Smith",
      "email": "john.smith@nhost.io",
      "emailVerified": true,
      "id": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24",
      "isAnonymous": false,
      "locale": "en",
      "metadata": {
        "firstName": "John",
        "lastName": "Smith"
      },
      "phoneNumber": "+12025550123",
      "phoneNumberVerified": false,
      "roles": [
        "user",
        "customer"
      ],
      "activeMfaType": "<string>"
    }
  }
}

Body

application/json

MFA ticket and TOTP code for multi-factor authentication verification

ticket
string
required

Ticket

otp
string
required

One time password

Response

MFA verification successful, session created

Container for session information

session
object

User authentication session containing tokens and user information

I