Verifycustomerotp

curl --request POST \
  --url https://api.loyalty.dog/v2/giftcards/customers/otp/verify \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "target": "<string>",
  "code": "<string>",
  "name": "<string>"
}
'

{
  "success": true,
  "error": "<string>",
  "verifiedTarget": "<string>",
  "otpType": "<string>",
  "sessionToken": "<string>",
  "identity": {
    "id": "5eb7cf5a86d9755df3a6c593",
    "email": "<string>",
    "phone": "<string>",
    "name": "<string>",
    "verified": true,
    "verifiedAt": "<string>",
    "trustLevel": "<string>"
  }
}

Gift Card Customers

Verifycustomerotp

Verify OTP and Login Customer

Verify the OTP code sent to the customer’s email or phone. On success, finds or creates a GiftCardCustomer record and returns a session token.

Flow:

Verify the OTP code against Redis
Find or create a GiftCardCustomer document in MongoDB
Update customer’s trust level and login metadata
Create a Redis-backed session (24-hour TTL)
Return session token and customer identity

Request Body:

target: Email or phone the OTP was sent to
code: 6-digit OTP code
name: Optional customer name (used during first registration)

Status Codes:

200: OTP verified, session created
400: Invalid code, expired, or too many attempts

POST

giftcards

customers

otp

verify

Verifycustomerotp

curl --request POST \
  --url https://api.loyalty.dog/v2/giftcards/customers/otp/verify \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "target": "<string>",
  "code": "<string>",
  "name": "<string>"
}
'

{
  "success": true,
  "error": "<string>",
  "verifiedTarget": "<string>",
  "otpType": "<string>",
  "sessionToken": "<string>",
  "identity": {
    "id": "5eb7cf5a86d9755df3a6c593",
    "email": "<string>",
    "phone": "<string>",
    "name": "<string>",
    "verified": true,
    "verifiedAt": "<string>",
    "trustLevel": "<string>"
  }
}

Authorizations

Authorization

string

header

required

JWT access token obtained from POST /v2/token.

Body

application/json

Request to verify an OTP code.

target

string

required

Email address or phone number the OTP was sent to

Required string length: 1 - 255

code

string

required

6-digit OTP code

Required string length: 6

Pattern: ^\d{6}$

name

string | null

Customer name (used during registration)

Maximum string length: 255

Response

Successful Response

success

boolean

required

error

string | null

verifiedTarget

string | null

otpType

string | null

sessionToken

string | null

identity

CustomerIdentityResponse · object

Customer identity information returned after successful verification.

Show child attributes

Sendcustomerotp Logoutcustomer