Step 2: Verify OTP
The second step is to verify the one-time passcode. The end-user provided one-time passcode must be sent to GlobalGateway using the OTP endpoint. GlobalGateway will verify the passcode and immediately return a response.
Request
The transactionID will be returned in the Verify response. It will also be sent to the provided CallbackURL. A sample request to the GlobalGateway API can be found below:
POST /v1/otp HTTP/1.1
Host: <<endpoint>>
Content-Type: application/json
Authorization: Basic ACCESS_TOKEN
{
"transactionId":"69c8cb26-193d-4ee4-9e0e-becc3dce8383",
"passcode":"123456"
}
Response
A sample response returned by the GlobalGateway API can be found below:
{
"statusCode": 200,
"description": "The user has been verified with the correct passcode.",
"numberOfFailedAttempts": 0,
"numberOfResends": 0
}
GlobalGateway returns a range of status codes. The API response also provides information about the number of failed attempts to enter the correct passcode. Refer to the table below for more information:
Status Code Value | Description |
---|---|
200 | The user has been verified with the correct passcode. |
300 | The user has entered an incorrect passcode. |
400 | The passcode has been expired. This could be due to exceeding the expiry time or the maximum number of retries. |
410 | The transaction with the requested ID has already been closed. |
422 | The transaction ID in the request is invalid. |
Updated almost 3 years ago
What’s Next