Auth0 · Schema
AuthenticateUserWithVerificationCode
Authenticate a user using a verification code.
AI AgentsAuthenticationAuthorizationFGAIdentity ManagementMCPOAuthOktaOpenID ConnectSAMLSecuritySCIM
Properties
| Name | Type | Description |
|---|---|---|
| grant_type | string | It should be http://auth0.com/oauth/grant-type/passwordless/otp. |
| client_id | string | The client_id of your application. |
| client_assertion | string | A JWT containing a signed assertion with your application credentials. Required when Private Key JWT is your application authentication method. |
| client_assertion_type | string | The value is urn:ietf:params:oauth:client-assertion-type:jwt-bearer. Required when Private Key JWT is the application authentication method. |
| client_secret | string | The client_secret of your application. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic. Specifically required for Regular Web Applications on |
| username | string | The user's phone number if realm=sms, or the user's email if realm=email. |
| realm | string | Use sms or email (should be the same as POST /passwordless/start) |
| otp | string | The user's verification code. |
| audience | string | API Identifier of the API for which you want to get an Access Token. |
| scope | string | Use openid to get an ID Token, or openid profile email to also include user profile information in the ID Token. |
| redirect_uri | string | A callback URL that has been registered with your application's Allowed Callback URLs. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/AuthenticateUserWithVerificationCode",
"title": "AuthenticateUserWithVerificationCode",
"description": "Authenticate a user using a verification code.",
"type": "object",
"properties": {
"grant_type": {
"type": "string",
"description": "It should be http://auth0.com/oauth/grant-type/passwordless/otp."
},
"client_id": {
"type": "string",
"description": "The client_id of your application."
},
"client_assertion": {
"type": "string",
"description": "A JWT containing a signed assertion with your application credentials. Required when Private Key JWT is your application authentication method."
},
"client_assertion_type": {
"type": "string",
"description": "The value is urn:ietf:params:oauth:client-assertion-type:jwt-bearer. Required when Private Key JWT is the application authentication method."
},
"client_secret": {
"type": "string",
"description": "The client_secret of your application. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic. Specifically required for Regular Web Applications only."
},
"username": {
"type": "string",
"description": "The user's phone number if realm=sms, or the user's email if realm=email."
},
"realm": {
"type": "string",
"description": "Use sms or email (should be the same as POST /passwordless/start)"
},
"otp": {
"type": "string",
"description": "The user's verification code."
},
"audience": {
"type": "string",
"description": "API Identifier of the API for which you want to get an Access Token."
},
"scope": {
"type": "string",
"description": "Use openid to get an ID Token, or openid profile email to also include user profile information in the ID Token."
},
"redirect_uri": {
"type": "string",
"description": "A callback URL that has been registered with your application's Allowed Callback URLs."
}
}
}