# Validate email OTP

Validate a one-time passcode (OTP) sent by email. This API is used to verify the email OTP sent to the user. The email will be added to the user profile and marked as verified. The endpoint will not authenticate the user (or create new users), and no tokens are returned. Required permissions: apps:execute, [appId]:execute, auth:execute.

Endpoint: POST /v1/users/{user_id}/email/verification/verify
Security: ClientAccessToken

## Path parameters:

  - `user_id` (string, required)
    ID of the user

## Request fields (application/json):

  - `email` (string, required)
    Email that the OTP was sent to

  - `passcode` (string, required)
    Email code to validate

  - `update_primary` (boolean)
    Allows the request to update the user's current verified primary email. If the user profile already has a verified primary email, it will override it if true or add it as their secondary email if false

## Response 200 fields (application/json):

  - `result` (boolean, required)
    Boolean value indicating if OTP email verification succeeded

## Response 404 fields (application/json):

  - `message` (string, required)

  - `error_code` (number, required)
    Example: 404

## Response 409 fields (application/json):

  - `message` (string, required)
    Example: "Email is already verified in the tenant"

  - `error_code` (number, required)
    Example: 409


## Response 400 fields