# Verify Token **POST /v1/auth/oauth/verify** Verify an internal OAuth token redirected to your application upon the completion of the OAuth flow. This token is generated by MoonKey and can be used to exchange for the authenticated user information and/or the original `access_token` and `refresh_token` of the idp providers that can be used directly with the external OAuth providers (e.g., Google, Apple, Microsoft, etc). ## HTTP Request `POST /v1/auth/oauth/verify` ## Returns A successful response returns `user_id`, `idp_session` property with data from the OAuth provider by default. `Session` object in `session` property if any of the `session_token`, `session_jwt`, or `session_expires_in` is valid. ## Servers - Production: https://api.moonkey.fun (Production) ## Authentication methods - Authorization ## Parameters ### Body: application/json (object) - **token** (string) `Required` OAuthToken provided to the login/signup redirect url to authenticate the OAuth session and exchange user info and idp `access_token` and `refresh_token`. - **session_expires_in** (number) Extend the session expiration time to N minutes from now, must be between 5 to 525600 minutes (365 days). This parameter will create a new session if there is no existing session along with a `session_token` and `session_jwt`. However, if a valid `session_token` or `session_jwt` is sent in, it will extend that session by the minutes specified. If not sent in and no valid `session_token` or `session_jwt` included, it will be ignored and no MoonKey session will be created by default. - **session_token** (string) Unique session token to verify. - **session_jwt** (string) Unique Session JWT to verify. ## Responses ### 200 #### Body: application/json (object) - **provider_subject** (string) - **provider** (string) - **user_id** (string) - **idp_session** (object) Returned if `session_type` with value `idp` is used. - **session_token** (string) - **session_jwt** (string) - **session** (object) [Powered by Bump.sh](https://bump.sh)