> Portal Navigation: > > - Append `.md` to any URL under `https://dev.wix.com/docs/` to get its markdown version. > - Pages are either content pages (article or reference text) or menu pages (a list of links to child pages). > - To get a menu page, truncate any URL to a parent path and append `.md` (e.g. `https://dev.wix.com/docs/sdk.md`, `https://dev.wix.com/docs/sdk/core-modules.md`). > - Top-level index of all portals: https://dev.wix.com/docs/llms.txt > - Full concatenated docs: https://dev.wix.com/docs/llms-full.txt # VerifyDuringAuthentication # Package: headless # Namespace: VerificationService # Method link: https://dev.wix.com/docs/api-reference/business-management/headless/verification/verify-during-authentication.md ## Introduction Continues the registration process when a member is required to verify an email address using a verification code received by email. Email verification is required when the registering member is already listed as a contact. Typically, after a successful verification, you generate and use member tokens for the registered member so that subsequent API calls are called as part of a member session. --- ## REST API ### Schema ``` Method: verifyDuringAuthentication Description: Continues the registration process when a member is required to verify an email address using a verification code received by email. Email verification is required when the registering member is already listed as a contact. Typically, after a successful verification, you generate and use member tokens for the registered member so that subsequent API calls are called as part of a member session. URL: https://www.wixapis.com/v1/auth/verify Method: POST # Note: If the parameter `a.b` is listed under required parameters, `b` is only required if `a` is also present. Required parameters: code, stateToken Method parameters: param name: code | type: code | description: The code to verify. | required: true param name: stateToken | type: stateToken | description: A state token representing the `REQUIRE_EMAIL_VERIFICATION` state. | required: true Return type: StateMachineResponse - name: state | type: StateType | description: Current state of the login or registration process. - enum: - UNKNOWN_STATE: Initial unknown state. - SUCCESS: Login completed successfully. - REQUIRE_OWNER_APPROVAL: Member needs the owner to approve their registration. - REQUIRE_EMAIL_VERIFICATION: Member needs to verify their email. - STATUS_CHECK: The `status` is not one that prevents the member logging in, meaning it's not `OFFLINE`, `BLOCKED`, or `DELETED`. - name: sessionToken | type: string | description: Session token. If `state` is not `SUCCESS`, this field is undefined. - name: stateToken | type: string | description: Token that represents the current state of the login or registration process. - name: identity | type: Identity | description: Identity of the current member. - name: id | type: string | description: Identity GUID. - name: revision | type: string | description: Revision number, which increments by 1 each time the identity is updated. To prevent conflicting changes, the current revision must be passed when updating the identity. Ignored when creating an identity. - name: createdDate | type: string | description: Date and time the identity was created. - name: updatedDate | type: string | description: Date and time the identity was updated. - name: connections | type: array | description: The identity configured connections to authenticate with. - ONE-OF: - name: idpConnection | type: IdpConnection | description: IDP connection. - name: idpConnectionId | type: string | description: IDP connection GUID. - name: idpUserId | type: string | description: IDP user GUID. - name: authenticatorConnection | type: AuthenticatorConnection | description: Authenticator connection. - name: authenticatorConnectionId | type: string | description: Authenticator connection GUID. - name: reEnrollmentRequired | type: boolean | description: Whether re-enrollment is required. - name: identityProfile | type: IdentityProfile | description: Identity profile. - name: firstName | type: string | description: Member's first name. - name: lastName | type: string | description: Member's last name. - name: nickname | type: string | description: Member's display nickname. - name: picture | type: string | description: URL to member's profile picture. - name: labels | type: array | description: Labels associated with the member. - name: language | type: string | description: Member's preferred language code. - name: privacyStatus | type: PrivacyStatus | description: Member's profile visibility setting. - enum: - UNDEFINED: No privacy status defined. - PUBLIC: Profile details are visible to other members. - PRIVATE: Profile details are hidden from other members. - name: customFields | type: array | description: Any number of custom fields. [Custom fields](https://support.wix.com/en/article/adding-custom-fields-to-contacts) are used to store additional information about your site or app's contacts. - name: name | type: string | description: Custom field name matching an extended field key (without `custom.` prefix). Must match a key from [`List Extended Fields`](https://dev.wix.com/docs/rest/api-reference/contacts/extended-fields/list-extended-fields.md). - name: value | type: CustomValue | description: Value for the custom field. - ONE-OF: - name: strValue | type: string | description: Text value. - name: numValue | type: number | description: Numeric value. - name: dateValue | type: string | description: Date/time value. - name: listValue | type: ListValue | description: List of values. - name: value | type: array | description: List of custom values. - name: mapValue | type: MapValue | description: Key-value pairs. - name: value | type: Map | description: Map of custom field values. - name: boolValue | type: boolean | description: Bool value - name: secondaryEmails | type: array | description: Additional email addresses for the member. - name: email | type: string | description: Secondary email address. - name: tag | type: EmailTag | description: Email tag. - enum: UNTAGGED, MAIN, HOME, WORK - name: phonesV2 | type: array | description: Phone numbers associated with the member. - name: countryCode | type: string | description: Country code for the phone number. - name: phone | type: string | description: Phone number without country code. - name: tag | type: PhoneTag | description: Phone tag. - enum: UNTAGGED, MAIN, HOME, MOBILE, WORK, FAX - name: addresses | type: array | description: Physical addresses for the member. - name: address | type: Address | description: Physical address details. - name: country | type: string | description: Country code. - name: subdivision | type: string | description: Subdivision. Usually a state, region, prefecture, or province code, according to [ISO 3166-2](https://en.wikipedia.org/wiki/ISO_3166-2). - name: city | type: string | description: City name. - name: postalCode | type: string | description: Zip/postal code. - name: addressLine | type: string | description: Main address line, usually street and number as free text. - name: addressLine2 | type: string | description: Free text providing more detailed address info. Usually contains apartment, suite, and floor. - name: streetName | type: string | description: Street name. - name: streetNumber | type: string | description: Street number. - name: tag | type: AddressTag | description: Address tag. - enum: UNTAGGED, HOME, WORK, BILLING, SHIPPING - name: company | type: string | description: Company name. - name: position | type: string | description: Position within company. - name: birthdate | type: string | description: Member's birth date in `YYYY-MM-DD` format. - name: slug | type: string | description: URL-friendly slug for the member's profile. - name: subscription | type: boolean | description: Whether the member consents to receive marketing communications. - name: vatId | type: string | description: Tax GUID or VAT number for personal or corporate use. - name: metadata | type: Metadata | description: Additional information about the identity that can impact user access. This data cannot be set. EMPTY-OBJECT {} - name: email | type: Email | description: Identity email address. - name: address | type: string | description: Email address. - name: isVerified | type: boolean | description: Whether the email address is verified. - name: status | type: StatusV2 | description: Identity's current status. - name: name | type: StatusName | description: Descriptive name of the identity status. - enum: - UNKNOWN_STATUS: Unknown status. This value isn't used. - PENDING: Identity is pending verification, owner approval, or both. - ACTIVE: Identity is active and can log in. - DELETED: Identity is deleted. This identity can't log in. - BLOCKED: Identity is blocked. This identity can't log in. - OFFLINE: Identity is offline. This identity can't log in. - name: reasons | type: array | description: Reasons for the current identity status. - enum: - UNKNOWN_REASON: Unknown reason. This value isn't used. - PENDING_ADMIN_APPROVAL_REQUIRED: The identity is waiting for admin approval. After the approval, the identity has an `ACTIVE` status. - PENDING_EMAIL_VERIFICATION_REQUIRED: The identity has to verify the email. After the verification, the identity has an `ACTIVE` status. - name: factors | type: array | description: Identity verification factors. - name: factorId | type: string | description: Factor GUID. - name: type | type: FactorType | description: Factor type. - enum: - PASSWORD: Requires a password. - SMS: Requires a code sent via SMS. - CALL: Requires a code sent by phone call. - EMAIL: Requires a code sent by email. - TOTP: Requires authentication via an authenticator app. - PUSH: Requires authentication via a push notification. - WEBAUTHN: Requires authentication via WebAuthn/passkey. - RECOVERY_CODE: Requires a recovery code. - name: status | type: Status | description: Factor status. - enum: - INACTIVE: Factor requires activation. - ACTIVE: Factor is active and can be used for authentication. - REQUIRE_REENROLL: Factor is blocked and cannot be used for authentication. The user should reenroll the factor. - name: additionalData | type: Map | description: Additional data relevant to the login or registration process. - ONE-OF: - name: strValue | type: string | description: String value. - name: numValue | type: number | description: Number value. - name: dateValue | type: string | description: Date value. - name: listValue | type: ListValue | description: List value. - name: value | type: array | description: Custom value. - name: mapValue | type: MapValue | description: Map value. - name: value | type: Map | description: Mapped custom value. ``` ### Examples ### Verify an email address ```curl curl -X POST \ 'https://www.wixapis.com/_api/iam/verification/v1/auth/verify' \ -H 'Content-Type: application/json' \ -H 'Authorization: ' \ -d '{ "code": "254883", "stateToken": "AST.eyJraWQiOiJRUWpMeE1KaCIsImFsZyI6IlJTMjU2In0..." }' ``` --- ## JavaScript SDK ### Schema ``` Method: wixClientAdmin.headless.VerificationService.verifyDuringAuthentication(code, options) Description: Continues the registration process when a member is required to verify an email address using a verification code received by email. Email verification is required when the registering member is already listed as a contact. Typically, after a successful verification, you generate and use member tokens for the registered member so that subsequent API calls are called as part of a member session. # Note: If the parameter `a.b` is listed under required parameters, `b` is only required if `a` is also present. Required parameters: code, options.stateToken, options Method parameters: param name: code | type: string | description: The code to verify. | required: true param name: options | type: VerifyDuringAuthenticationOptions none | required: true - name: stateToken | type: string | description: A state token representing the `REQUIRE_EMAIL_VERIFICATION` state. | required: true Return type: PROMISE - name: state | type: StateType | description: Current state of the login or registration process. - enum: - UNKNOWN_STATE: Initial unknown state. - SUCCESS: Login completed successfully. - REQUIRE_OWNER_APPROVAL: Member needs the owner to approve their registration. - REQUIRE_EMAIL_VERIFICATION: Member needs to verify their email. - STATUS_CHECK: The `status` is not one that prevents the member logging in, meaning it's not `OFFLINE`, `BLOCKED`, or `DELETED`. - name: sessionToken | type: string | description: Session token. If `state` is not `SUCCESS`, this field is undefined. - name: stateToken | type: string | description: Token that represents the current state of the login or registration process. - name: identity | type: Identity | description: Identity of the current member. - name: _id | type: string | description: Identity GUID. - name: revision | type: string | description: Revision number, which increments by 1 each time the identity is updated. To prevent conflicting changes, the current revision must be passed when updating the identity. Ignored when creating an identity. - name: _createdDate | type: Date | description: Date and time the identity was created. - name: _updatedDate | type: Date | description: Date and time the identity was updated. - name: connections | type: array | description: The identity configured connections to authenticate with. - ONE-OF: - name: idpConnection | type: IdpConnection | description: IDP connection. - name: idpConnectionId | type: string | description: IDP connection GUID. - name: idpUserId | type: string | description: IDP user GUID. - name: authenticatorConnection | type: AuthenticatorConnection | description: Authenticator connection. - name: authenticatorConnectionId | type: string | description: Authenticator connection GUID. - name: reEnrollmentRequired | type: boolean | description: Whether re-enrollment is required. - name: identityProfile | type: IdentityProfile | description: Identity profile. - name: firstName | type: string | description: Member's first name. - name: lastName | type: string | description: Member's last name. - name: nickname | type: string | description: Member's display nickname. - name: picture | type: string | description: URL to member's profile picture. - name: labels | type: array | description: Labels associated with the member. - name: language | type: string | description: Member's preferred language code. - name: privacyStatus | type: PrivacyStatus | description: Member's profile visibility setting. - enum: - UNDEFINED: No privacy status defined. - PUBLIC: Profile details are visible to other members. - PRIVATE: Profile details are hidden from other members. - name: customFields | type: array | description: Any number of custom fields. [Custom fields](https://support.wix.com/en/article/adding-custom-fields-to-contacts) are used to store additional information about your site or app's contacts. - name: name | type: string | description: Custom field name matching an extended field key (without `custom.` prefix). Must match a key from [`List Extended Fields`](https://dev.wix.com/docs/rest/api-reference/contacts/extended-fields/list-extended-fields.md). - name: value | type: CustomValue | description: Value for the custom field. - ONE-OF: - name: strValue | type: string | description: Text value. - name: numValue | type: number | description: Numeric value. - name: dateValue | type: Date | description: Date/time value. - name: listValue | type: ListValue | description: List of values. - name: value | type: array | description: List of custom values. - name: mapValue | type: MapValue | description: Key-value pairs. - name: value | type: Map | description: Map of custom field values. - name: boolValue | type: boolean | description: Bool value - name: secondaryEmails | type: array | description: Additional email addresses for the member. - name: email | type: string | description: Secondary email address. - name: tag | type: EmailTag | description: Email tag. - enum: UNTAGGED, MAIN, HOME, WORK - name: phonesV2 | type: array | description: Phone numbers associated with the member. - name: countryCode | type: string | description: Country code for the phone number. - name: phone | type: string | description: Phone number without country code. - name: tag | type: PhoneTag | description: Phone tag. - enum: UNTAGGED, MAIN, HOME, MOBILE, WORK, FAX - name: addresses | type: array | description: Physical addresses for the member. - name: address | type: Address | description: Physical address details. - name: city | type: string | description: none - name: subdivision | type: string | description: none - name: country | type: string | description: none - name: postalCode | type: string | description: none - name: addressLine2 | type: string | description: none - name: tag | type: AddressTag | description: Address tag. - enum: UNTAGGED, HOME, WORK, BILLING, SHIPPING - name: company | type: string | description: Company name. - name: position | type: string | description: Position within company. - name: birthdate | type: string | description: Member's birth date in `YYYY-MM-DD` format. - name: slug | type: string | description: URL-friendly slug for the member's profile. - name: subscription | type: boolean | description: Whether the member consents to receive marketing communications. - name: vatId | type: string | description: Tax GUID or VAT number for personal or corporate use. - name: email | type: Email | description: Identity email address. - name: address | type: string | description: Email address. - name: isVerified | type: boolean | description: Whether the email address is verified. - name: status | type: StatusV2 | description: Identity's current status. - name: name | type: StatusName | description: Descriptive name of the identity status. - enum: - UNKNOWN_STATUS: Unknown status. This value isn't used. - PENDING: Identity is pending verification, owner approval, or both. - ACTIVE: Identity is active and can log in. - DELETED: Identity is deleted. This identity can't log in. - BLOCKED: Identity is blocked. This identity can't log in. - OFFLINE: Identity is offline. This identity can't log in. - name: reasons | type: array | description: Reasons for the current identity status. - enum: - UNKNOWN_REASON: Unknown reason. This value isn't used. - PENDING_ADMIN_APPROVAL_REQUIRED: The identity is waiting for admin approval. After the approval, the identity has an `ACTIVE` status. - PENDING_EMAIL_VERIFICATION_REQUIRED: The identity has to verify the email. After the verification, the identity has an `ACTIVE` status. - name: factors | type: array | description: Identity verification factors. - name: factorId | type: string | description: Factor GUID. - name: type | type: FactorType | description: Factor type. - enum: - PASSWORD: Requires a password. - SMS: Requires a code sent via SMS. - CALL: Requires a code sent by phone call. - EMAIL: Requires a code sent by email. - TOTP: Requires authentication via an authenticator app. - PUSH: Requires authentication via a push notification. - WEBAUTHN: Requires authentication via WebAuthn/passkey. - RECOVERY_CODE: Requires a recovery code. - name: status | type: Status | description: Factor status. - enum: - INACTIVE: Factor requires activation. - ACTIVE: Factor is active and can be used for authentication. - REQUIRE_REENROLL: Factor is blocked and cannot be used for authentication. The user should reenroll the factor. - name: additionalData | type: Map | description: Additional data relevant to the login or registration process. - ONE-OF: - name: strValue | type: string | description: String value. - name: numValue | type: number | description: Number value. - name: dateValue | type: Date | description: Date value. - name: listValue | type: ListValue | description: List value. - name: value | type: array | description: Custom value. - name: mapValue | type: MapValue | description: Map value. - name: value | type: Map | description: Mapped custom value. ``` ### Examples ### verifyDuringAuthentication ```javascript import { verification } from '@wix/identity'; async function verifyDuringAuthentication(code,options) { const response = await verification.verifyDuringAuthentication(code,options); }; ``` ### verifyDuringAuthentication (with elevated permissions) ```javascript import { verification } from '@wix/identity'; import { auth } from '@wix/essentials'; async function myVerifyDuringAuthenticationMethod(code,options) { const elevatedVerifyDuringAuthentication = auth.elevate(verification.verifyDuringAuthentication); const response = await elevatedVerifyDuringAuthentication(code,options); } ``` ### verifyDuringAuthentication (self-hosted) Self-hosted SDK calls require you to [create a client](https://dev.wix.com/docs/sdk/articles/work-with-the-sdk/about-the-wix-client.md). ```javascript import { createClient } from '@wix/sdk'; import { verification } from '@wix/identity'; // Import the auth strategy for the relevant access type // Import the relevant host module if needed const myWixClient = createClient ({ modules: { verification }, // Include the auth strategy and host as relevant }); async function verifyDuringAuthentication(code,options) { const response = await myWixClient.verification.verifyDuringAuthentication(code,options); }; ``` ---