# Verify enrolment of a user device for authentication using one-time passwords

The second step in enrolling the logged-in user (root or authorised user) to use one-time-passwords to enable verification of transactions.

_Note that on the Sandbox Environment, text messages are not sent and the verificationCode is always set to \"123456\"._

Endpoint: POST /v1/authentication_factors/otp/{channel}/verify
Version: v1
Security: apiKey, authToken

## Path parameters:

  - `channel` (string, required)
    The unique identifier for the channel.
    Enum: "SMS"

## Request fields (application/json):

  - `verificationCode` (string, required)
    The code received by the user on the device.

## Response 400 fields (application/json):

  - `message` (string)
    When present helps to identify and fix the problem.

  - `syntaxErrors` (object)
    Is returned as part of an HTTP error response whenever a syntax error is detected. A list of the fields together with their syntax error will be provided.

  - `syntaxErrors.invalidFields` (array)

  - `syntaxErrors.invalidFields.params` (array)

  - `syntaxErrors.invalidFields.fieldName` (string)

  - `syntaxErrors.invalidFields.error` (string)
    Enum: "REQUIRED", "HAS_TEXT", "REQUIRES", "SIZE", "RANGE", "IN", "NOT_IN", "REGEX", "EXACTLY", "AT_LEAST", "AT_MOST", "ALL_OR_NONE"

## Response 403 fields (application/json):

  - `errorCode` (string)
    Enum: "INSUFFICIENT_PERMISSIONS"

## Response 404 fields (application/json):

  - `code` (string)

  - `message` (string)

## Response 409 fields (application/json):

  - `errorCode` (string)
    Enum: "CHANNEL_NOT_SUPPORTED", "CHANNEL_ALREADY_REGISTERED", "VERIFICATION_CODE_EXPIRED", "VERIFICATION_CODE_INVALID", "CREDENTIALS_INACTIVE", "ONE_CHALLENGE_LIMIT_REMAINING", "CHALLENGE_LIMIT_EXCEEDED"

## Response default fields (application/json):

  - `code` (string)

  - `message` (string)


## Response 204 fields

## Response 401 fields

## Response 429 fields

## Response 500 fields

## Response 503 fields