Verify OTP Token

Verifies the one-time password (OTP) token used in the secure migration flow

Headers

x-pch-digest
Type: string
required

The signature for the API call
Authorization
Type: string
required

Used to authorize the request with access_token. It should be supplied as Bearer ACCESS_TOKEN_GOES_HERE.
Accept
Type: string
required

Advertises which content types the client is able to understand
Content-Type
Type: string
required

Set this header to application/json.
User-Agent
Type: string
required

Used to identify the software, device, and application initiating the request, providing information about the client to the server. For details, see User Agent.

Body

application/json

client
Type: string
required

OAuth client ID provided by the business
token
Type: string
required

One-time password (OTP) token
verification_mode
Type: string
required

Can be either email address or phone number

Responses

application/json

put/api2/mobile/verify_token

curl https://SERVER_NAME_GOES_HERE.punchh.com/api2/mobile/verify_token \
  --request PUT \
  --header 'x-pch-digest: {{$$.env.signature}}' \
  --header 'Authorization: Bearer ACCESS_TOKEN_GOES_HERE' \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --header 'User-Agent: AppName/AppVersion/BuildNumber (OS; Model; MANUFACTURER; MODEL; OS Version)' \
  --data '{
  "client": "CLIENT_GOES_HERE",
  "token": "OTP_GOES_HERE",
  "verification_mode": "1111111111"
}'

Show Schema

{}