Verify email code
Verifies an email verification code to complete authentication. The auth_flow_token must match a pending login flow, and the code must match the one that was sent to the user's email. On success, returns a JWT token. On failure, returns a Failure response with INVALID_CODE reason. After successful verification, the auth_flow_token is invalidated and cannot be reused.
Verifies an email verification code to complete authentication.
The auth_flow_token must match a pending login flow, and the code must match the one that was sent to the user's email. On success, returns a JWT token. On failure, returns a Failure response with INVALID_CODE reason.
After successful verification, the auth_flow_token is invalidated and cannot be reused.
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
The authentication flow token received from the Login RPC response. This token links the code verification to the original login request. Must be a valid UUID string.
uuidThe six-digit verification code that was sent to the user's email address. Must exactly match the code that was emailed to the user.
Response Body
application/json
application/json
application/json
curl -X POST "http://127.0.0.1:38765/v1/login/email-code" \ -H "Content-Type: application/json" \ -d '{ "authFlowToken": "", "code": "" }'{ "auth_flow_token": "001c8d33-f179-47fb-9db8-4caa31962e87", "email_code": {}, "success": { "token": "string" }, "failure": { "reason": "INVALID_CODE" }}{ "code": 0, "grpc-code": "string", "message": "string", "stack-trace": "string", "details": [ {} ]}{ "code": 0, "grpc-code": "string", "message": "string", "stack-trace": "string", "details": [ {} ]}How is this page?
Update instance metadata PATCH
Updates instance metadata (friendly name or icon). Only one field can be updated per request.
Start login flow POST
Initiates a login flow for the specified email address. If the email is registered, a six-digit verification code is sent to that address. The response always indicates that an email code step is next, regardless of whether the email exists, to prevent email enumeration attacks.