View Categories

Verify the phone number

πŸ“± Phone Number β€” Verify Code API #

Gateway Path: /User/phone-number/verify
Service: Authentication & Authorization
Method: POST
Auth: Bearer token in Authorization header


1) πŸ“– Overview & Purpose #

Validates a one-time SMS code and marks the user’s phone number as verified.
This enables features that require a verified phone


2) πŸ”— Endpoint Definition #

HTTP: POST /User/phone-number/verify

Headers #

  • Authorization: Bearer <token> β€” valid access token

  • Content-Type: application/json

Request Body (example) #

{
    "id": 2025,
    "code": "714982"
}

Fields #

  • id (integer, required, int32) β€” User identifier. Range: 1..2147483647

  • code (string, required) β€” Non-empty SMS verification code


3) πŸ“‘ Responses #

βœ… 3.1 Success β€” 200 OK #

Phone marked as verified.
Body: none (the service may optionally return a minimal confirmation object).


⚠️ 3.2 Validation Error β€” 400 Bad Request #

Typical cases:

  • Missing/empty code

    {
        "errors": {
            "Code": [
                "The Code field is required."
            ]
        },
        "title": "One or more validation errors occurred.",
        "status": 400,
        "type": "https://tools.ietf.org/html/rfc7231#section-6.5.1",
        "traceId": "00-...-..."
    }

  • Incorrect/expired code

    {
        "errors": {
            "Error": [
                "Invalid code."
            ]
        },
        "title": "Bad Request",
        "status": 400,
        "type": "https://tools.ietf.org/html/rfc7231#section-6.5.1",
        "traceId": "00-...-..."
    }


❌ 3.3 Server Error β€” 500 Internal Server Error #

Unexpected failure.
Body: usually empty (use traceId/logs for diagnostics).


4) πŸ›‘ Validation Rules #

  • id: required; integer in 1..2147483647

  • code: required; non-empty; must match the latest issued code; not expired/used

  • Throttling: repeated failures may be temporarily blocked per policy


5) πŸ’» Examples #

5.1 cURL #

curl -X POST "https://api-test.10npay.com/User/phone-number/verify" \ -H "Authorization: Bearer <YOUR_SECRET_TOKEN>" \ -H "Content-Type: application/json" \ -d '{"id":2025,"code":"714982"}' -i

5.2 C# (.NET) #

using System.Net.Http; using System.Net.Http.Headers; var req = new HttpRequestMessage(HttpMethod.Post, "https://api-test.10npay.com/User/phone-number/verify"); req.Headers.Authorization = new AuthenticationHeaderValue("Bearer", "<YOUR_SECRET_TOKEN>"); req.Content = new StringContent("{\"id\":2025,\"code\":\"714982\"}"); req.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json"); using var http = new HttpClient(); using var res = await http.SendAsync(req); res.EnsureSuccessStatusCode(); // 200 OK on success

5.3 JavaScript (fetch)

await fetch("https://api-test.10npay.com/User/phone-number/verify", { method: "POST", headers: { Authorization: "Bearer <YOUR_SECRET_TOKEN>", "Content-Type": "application/json" }, body: JSON.stringify({ id: 2025, code: "714982" }) }); // Expect 200 OK


6) πŸ”„ Sequence #

  1. Client β†’ API Gateway: POST /User/phone-number/verify (Bearer, JSON body)

  2. Gateway β†’ Auth: Validate token

  3. Gateway β†’ Verification Service: Validate code (match + TTL + attempt count)

  4. Verification Service β†’ User Store: Mark phone as verified

  5. Gateway β†’ Client: 200 OK (or 400/500 on error)

Powered by BetterDocs