# Verification

Verify user data that will enrich their profile


## Servers

Sandbox environment
```
https://api.sbx.transmitsecurity.io/cis
```

Production environment (US)
```
https://api.transmitsecurity.io/cis
```

Production environment (EU)
```
https://api.eu.transmitsecurity.io/cis
```

Production environment (CA)
```
https://api.ca.transmitsecurity.io/cis
```

Production environment (AU)
```
https://api.au.transmitsecurity.io/cis
```

## Security

### bearer

Type: http
Scheme: bearer
Bearer Format: JWT

### UserAccessToken

A token returned upon end-user authentication, which provides access to resources and data for the user and app for which it was generated

Type: http
Scheme: bearer
Bearer Format: JWT

### AdminAccessToken

A token generated by a management application using the [token endpoint](/openapi/token.openapi/other/getaccesstoken). It provides access to all resources for the tenant and its apps

Type: oauth2

### ClientAccessToken

A token generated by an end-user application using the [token endpoint](/openapi/token.openapi/other/getaccesstoken). It provides access to resources and data on the tenant level or associated with the specific application (but not other apps in the tenant)

Type: oauth2

### OrgAdminAccessToken

A token returned upon B2B authentication for a user that has the organizationAdmin or organizationCreator role.

Type: oauth2

## Download OpenAPI description

[Verification](https://developer.transmitsecurity.com/_bundle/openapi/user/verification.openapi.yaml)

## Other

### Send verification email

 - [POST /v1/users/{user_id}/email/verification/send](https://developer.transmitsecurity.com/openapi/user/verification.openapi/other/sendverificationemail.md): Sends a verification email using the specified method (OTP or magic link) to the specified email address for the selected user. Required permissions: apps:execute, [appId]:execute, auth:execute.

### Validate email OTP

 - [POST /v1/users/{user_id}/email/verification/verify](https://developer.transmitsecurity.com/openapi/user/verification.openapi/other/verifyemailotp.md): Validate a one-time passcode (OTP) sent by email. This API is used to verify the email OTP sent to the user. The email will be added to the user profile and marked as verified. The endpoint will not authenticate the user (or create new users), and no tokens are returned. Required permissions: apps:execute, [appId]:execute, auth:execute.

### Send verification SMS

 - [POST /v1/users/{user_id}/phone/verification/send](https://developer.transmitsecurity.com/openapi/user/verification.openapi/other/sendverificationphone.md): Sends a one-time passcode (OTP) by SMS to the specified phone number for a selected user. Required permissions: apps:execute, [appId]:execute, auth:execute.

### Validate SMS OTP

 - [POST /v1/users/{user_id}/phone/verification/verify](https://developer.transmitsecurity.com/openapi/user/verification.openapi/other/verifyphoneotp.md): Validate a one-time passcode (OTP) sent by SMS. This API is used to verify the SMS OTP sent to the user. The phone number will be added to the user profile and marked as verified. The endpoint will not authenticate the user (or create new users), and no tokens are returned. Required permissions: apps:execute, [appId]:execute, auth:execute.