Step 2: Verify OTP

The second step is to verify the one-time passcode. The end-user provided one-time passcode must be sent to GlobalGateway using the OTP endpoint. GlobalGateway will verify the passcode and immediately return a response.

Request

The transactionID will be returned in the Verify response. It will also be sent to the provided CallbackURL. A sample request to the GlobalGateway API can be found below:

POST /v1/otp HTTP/1.1
Host: <<endpoint>>
Content-Type: application/json
Authorization: Basic ACCESS_TOKEN

{
    "transactionId":"69c8cb26-193d-4ee4-9e0e-becc3dce8383",
    "passcode":"123456"
}

Response

A sample response returned by the GlobalGateway API can be found below:

{
    "statusCode": 200,
    "description": "The user has been verified with the correct passcode.",
    "numberOfFailedAttempts": 0,
    "numberOfResends": 0
}

GlobalGateway returns a range of status codes. The API response also provides information about the number of failed attempts to enter the correct passcode. Refer to the table below for more information:

Status Code Value

Description

200

The user has been verified with the correct passcode.

300

The user has entered an incorrect passcode.

400

The passcode has been expired. This could be due to exceeding the expiry time or the maximum number of retries.

410

The transaction with the requested ID has already been closed.

422

The transaction ID in the request is invalid.


Did this page help you?