Verify Token

POST /v1/auth/magic_links/verify
Authorization

Verify the magic token of a magic link to authenticate the user. This endpoints verifies that the magic token sent in is valid and returns the method ID and verified user ID.

HTTP Request

POST /v1/auth/magic_links/verify

Returns

A successful response returns an object with method_id, method_type, and verified user_id properties. If session parameters are sent in, session_token, session_jwt and session will be included in the response.

application/json

Body

  • token string Required

    Required Magic Token in the Magic Link received by the User

    Minimum length is 1.

  • session_expires_in integer

    Optional Extend the session expiration time to N minutes from now, must be between 5 to 525600 minutes (365 days). This parameter will create a new session if there is no existing session along with a session_token and session_jwt. However, if a valid session_token or session_jwt is sent in, it will extend that session by the minutes specified. If not sent in, no session will be created by default.

  • session_token string

    Optional Unique session token to verify.

  • session_jwt string

    Optional Unique Session JWT to verify.

Responses

  • 200 application/json

    OK

    Hide response attributes Show response attributes object
    • method_id string Required

      Given ID of the method (email, phone_number, etc.).

      Minimum length is 1.

    • method_type string Required

      Type of the auth method. Possible values: email, phone_number.

      Minimum length is 1. Values are email or phone_number.

    • user_id string Required

      Given user ID of the user.

      Minimum length is 1.

    • session_token string
    • session_jwt string
    • session object
      Hide session attributes Show session attributes object
      • id string Required

        Minimum length is 1.

      • user_id string Required

        Minimum length is 1.

      • session_token string Required

        Minimum length is 1.

      • started_at number Required
      • expires_at number Required
      • last_active_at number Required
      • factors array[object] Required

        At least 1 element.

        Hide factors attributes Show factors attributes object
        • delivery_channel string Required

          Delivery channel for this factor. Possible values: sms, email, totp_authenticator, totp_recovery_code, google_oauth, apple_oauth, microsoft_oauth, discord_oauth, okta_oauth, github_oauth, slack_oauth, facebook_oauth, webauthn_credential, eth_wallet, sol_wallet.

          Minimum length is 1.

        • type string Required

          Authentication type of factor. Possible values: otp, oauth, wallet, totp, webauthn.

          Minimum length is 1.

        • method object Required
          Hide method attributes Show method attributes object
          • id string
          • method_id string Required

            Minimum length is 1.

          • method_type string Required

            Identifier method type. Possible values: email, wallet, phone_number, webauthn.

            Minimum length is 1.

          • last_verified_at number Required
          • phone_number_id string

            Minimum length is 1.

          • phone_number string

            Minimum length is 1.

          • email_id string
          • email string
          • wallet_type string
          • wallet_id string
          • wallet_public_address string
          • totp_id string
          • webauthn_credential_id string
          • provider_subject string
      • device_fingerprint object Required
        Hide device_fingerprint attributes Show device_fingerprint attributes object
        • user_agent string Required
        • ip string Required

          Minimum length is 1.

      • updated_at number Required
      • created_at number Required
  • 400 application/json

    Bad Request

    Hide response attributes Show response attributes object
    • status_code number Required
    • error_message string Required

      Minimum length is 1.

    • error_type string Required

      Minimum length is 1.
POST /v1/auth/magic_links/verify 
curl \
 --request POST 'https://api.streambird.io/v1/auth/magic_links/verify' \
 --header "Authorization: Bearer $ACCESS_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{"token":"CzJ1WTtyCF2wqhavQYiy9m7GayazthwamK4DKC07Ac6B2Fmn"}'
Request example 
{
  "token": "CzJ1WTtyCF2wqhavQYiy9m7GayazthwamK4DKC07Ac6B2Fmn"
}
Response examples (200) 
{
  "user_id": "user_24wFP9pDa9YiMJLun94iKykoZs2",
  "method_id": "email_24oXBL3PufzHkH1Jzyjc2EXYeo7",
  "method_type": "email"
}
Response examples (400) 
{
  "error_type": "invalid_magic_token",
  "status_code": 400,
  "error_message": "Invalid magic link format, magic link missing or invalid."
}