Skip to main content

Documentation Index

Fetch the complete documentation index at: https://auth0-feat-authentication-api-migration.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

POST /passwordless/verify
This feature is disabled by default for new tenants as of 8 June 2017. Please see Application Grant Types for more information.
Once you have a verification code, use this endpoint to login the user with their phone number/email and verification code. This is active authentication, so the user must enter the code in your app.

Remarks

  • The profile scope value requests access to the End-User’s default profile Claims, which are: name, family_name, given_name, middle_name, nickname, preferred_username, profile, picture, website, gender, birthdate, zoneinfo, locale, and updated_at.
  • The email scope value requests access to the email and email_verified Claims.
  • The sample auth0.js script uses the library version 8. If you are using auth0.js version 7, please see this reference guide.

Learn More

Parameters

grant_type
string
required
Grant type, must be password.
client_id
string
required
The client_id of your application.
connection
string
required
Use sms or email (should be the same as POST /passwordless/start).Allowed values: email, sms
username
string
required
The user’s phone number if connection=sms, or the user’s email if connection=email.
password
string
required
The user’s verification code.
scope
string
Use openid to get an ID Token, or openid profile email to include user profile information in the ID Token.
redirect_uri
string
required
Callback URL registered with your application’s Allowed Callback URLs.

Response

StatusDescription
200User authenticated successfully.
400Bad Request. Invalid parameters.
401Unauthorized. Invalid credentials.
403Forbidden. Client authentication is required.
500Internal Server Error.