Verify email with code or link

curl --request POST \
  --url https://api.example.com/api/auth/email/verify \
  --header 'Content-Type: application/json' \
  --data '
{
  "otp": "123456",
  "email": "[email protected]"
}
'

{
  "user": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "email": "[email protected]",
    "metadata": {},
    "emailVerified": true,
    "providers": [
      "<string>"
    ],
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z"
  },
  "accessToken": "<string>",
  "redirectTo": "<string>"
}

Client

Verify email with code or link

Verify email address using the method configured in auth settings (verifyEmailMethod):

Code verification: Provide both email and otp (6-digit numeric code)
Link verification: Provide only otp (64-character hex token from magic link)

Successfully verified users will receive a session token.

The email verification link sent to users always points to the backend API endpoint. If verifyEmailRedirectTo is configured, the backend will redirect to that URL after successful verification. Otherwise, a default success page is displayed.

POST

api

auth

verify

Verify email with code or link

curl --request POST \
  --url https://api.example.com/api/auth/email/verify \
  --header 'Content-Type: application/json' \
  --data '
{
  "otp": "123456",
  "email": "[email protected]"
}
'

{
  "user": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "email": "[email protected]",
    "metadata": {},
    "emailVerified": true,
    "providers": [
      "<string>"
    ],
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z"
  },
  "accessToken": "<string>",
  "redirectTo": "<string>"
}

Body

application/json

otp

string

required

Either a 6-digit numeric code or a 64-character hex token from magic link

Example:

"123456"

string<email>

Required for numeric code verification, omit for magic link verification

Example:

"[email protected]"

Response

Email verified successfully, session created

user

object

Show child attributes

accessToken

string

JWT authentication token

redirectTo

string<uri>

Optional URL to redirect user after verification (only present if configured)

Send email verification (code or link based on config)Send password reset (code or link based on config)

⌘I

Tables

Authentication

Records

Storage

AI Integration

Functions

Realtime

Email

Secrets

Logs

Metadata

Health

Verify email with code or link

Body

Response