Skip to content
Home » Octopush Gateway SMS API » (2FA) Two Factor Authentication » OTP / MFA – Code Validation

OTP / MFA – Code Validation


Encodage : UTF-8


Your “api-key” and “api-login” identifiers must be added in the headers.


Allows you to validate an OTP code generated on Octopush.

Special parameters

phone_numberstring(optional, required if otp_request_token is absent) International phone number +XXZZZZZ: “+33611223344”.
codestringOTP code typed by your visitor/user.
otp_request_tokenstring(optional, required if phone_number is missing) Token of the OTP you are trying to validate. If this value is missing, Octopush will try to validate the last code sent to this recipient.

Curl Example

curl -X PUT \ 
'' \ 
-H 'Content-Type: application/json' \ 
-H 'api-login: ******' \ 
-H 'api-key: ************' \ 
-H 'cache-control: no-cache' \ 
-d '
  "code": "TRQXSDYNJY",
  "otp_request_token": "otp_111111dab2222222aaa33333"

Command to copy/paste

curl -X PUT '' -H 'Content-Type: application/json' -H 'api-login: ******' -H 'api-key: ************' -H 'cache-control: no-cache' -d '{"code": "TRQXSDYNJY", "otp_request_token": "otp_111111dab2222222aaa33333"}'

JSON Server Response

Success : 200 Created

  "code": 0,
  "message": "success"

Error : 400 BAD REQUEST

  "code": 199,
  "message": "Wrong OTP code.",
  "remaining_number_of_attempts": 3

Failure : 400 BAD REQUEST

  "code": 194,
  "message": "At least phone number or request token is mandatory."

Examples of return codes

194At least phone number or request token is mandatory.
195The code field is mandatory.
196Maximum amount of wrong attempts has been reached.
197OTP Request expired.
198OTP Request not found.
199Wrong otp code.