Skip to content

Verification

Verify user data that will enrich their profile

Download OpenAPI description
verification.openapi.json
verification.openapi.yaml
Languages
Servers
Sandbox environment
https://api.sbx.transmitsecurity.io/cis
Production environment (US)
https://api.transmitsecurity.io/cis
Production environment (EU)
https://api.eu.transmitsecurity.io/cis
Production environment (CA)
https://api.ca.transmitsecurity.io/cis
Production environment (AU)
https://api.au.transmitsecurity.io/cis

Send email link

Request

Send an email magic link to the given email address. This requires a logged-in user so it must be authorized using a valid user access token returned upon successful authentication

Security
UserAccessToken
Bodyapplication/jsonrequired
emailstringrequired

Email to send the magic link to

Example: "name@example.com"
redirect_uristringrequired

URI where the email link will redirect to. The verification result will be included as a boolean query parameter called result (for example, https://www.example.com/verify?result=true). This URI must also be configured as an allowed redirect URI in the Admin Portal.

Example: "https://www.example.com/verify"
email_contentobject

Texts, logo and color to render email template with

update_primaryboolean

Allows the request to update the user's current verified primary email. If the user profile already has a verified primary email, it will override it if true or add it as their secondary email if false

Default false
curl -i -X POST \
  https://api.sbx.transmitsecurity.io/cis/v1/verification/links/email \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "email": "name@example.com",
    "redirect_uri": "https://www.example.com/verify",
    "email_content": {
      "subject": "string",
      "primaryColor": "#6981FF",
      "base64logo": "string",
      "headerText": "string",
      "bodyText": "string",
      "linkText": "string",
      "infoText": "string",
      "footerText": "If you didn'\''t request this email, you can safely ignore it.",
      "senderName": "string"
    },
    "update_primary": false
  }'

Responses

Bodyapplication/json
messagestringread-onlyrequired
Example: "Verification email sent"
Response
application/json
{
  "message": "Verification email sent"
}

Send email OTP

Request

Send a one-time passcode (OTP) by email to the given email address. This requires a logged-in user so it must be authorized using a valid user access token returned upon successful authentication.

Security
UserAccessToken
Bodyapplication/jsonrequired
emailstringrequired

Email to send the OTP to

Example: "name@example.com"
email_contentobject

Texts, logo and color to render email template with

curl -i -X POST \
  https://api.sbx.transmitsecurity.io/cis/v1/verification/otp/email/send \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "email": "name@example.com",
    "email_content": {
      "subject": "string",
      "primaryColor": "#6981FF",
      "base64logo": "string",
      "headerText": "string",
      "bodyText": "string",
      "linkText": "string",
      "infoText": "string",
      "footerText": "If you didn'\''t request this email, you can safely ignore it.",
      "senderName": "string"
    }
  }'

Responses

Bodyapplication/json
messagestringrequired
Example: "Email sent successfully"
Response
application/json
{
  "message": "Email sent successfully"
}

Validate email OTP

Request

Validate a one-time passcode (OTP) sent by email. This API is used to verify the email OTP sent to the user. The email will be added to the user profile and marked as verified. The endpoint will not authenticate the user (or create new users), and no tokens are returned.

Security
UserAccessToken
Bodyapplication/jsonrequired
emailstringrequired

Email that the OTP was sent to

passcodestringrequired

Email code to validate

update_primaryboolean

Allows the request to update the user's current verified primary email. If the user profile already has a verified primary email, it will override it if true or add it as their secondary email if false

Default false
curl -i -X POST \
  https://api.sbx.transmitsecurity.io/cis/v1/verification/otp/email/validate \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "email": "string",
    "passcode": "string",
    "update_primary": false
  }'

Responses

Bodyapplication/json
resultbooleanread-onlyrequired

Boolean value indicating if OTP email verification succeeded

Response
application/json
{
  "result": true
}

Send SMS OTP

Request

Send a one-time passcode (OTP) by SMS to the given phone number. This requires a logged-in user so it must be authorized using a valid user access token returned upon successful authentication

Security
UserAccessToken
Bodyapplication/jsonrequired
custom_messagestring

Message to send, must contain {otp} and {app} placeholders to be replaced with one time password and application name. Limited to 140 characters

sender_idstring

The sender name that appears as the message sender on recipients devices. Limited to 11 characters. Limited support see https://docs.aws.amazon.com/sns/latest/dg/sns-supported-regions-countries.html

phone_numberstringrequired

Phone number to send the OTP to

curl -i -X POST \
  https://api.sbx.transmitsecurity.io/cis/v1/verification/otp/sms/send \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "custom_message": "string",
    "sender_id": "string",
    "phone_number": "string"
  }'

Responses

Bodyapplication/json
messagestringread-onlyrequired
Example: "SMS sent"
Response
application/json
{
  "message": "SMS sent"
}

Validate SMS OTP

Request

Validate a one-time passcode (OTP) sent by SMS. This API is used to verify the SMS OTP sent to the user. The phone number will be added to the user profile and marked as verified. The endpoint will not authenticate the user (or create new users), and no tokens are returned.

Security
UserAccessToken
Bodyapplication/jsonrequired
phone_numberstringrequired

Phone number that the SMS OTP was sent to

passcodestringrequired

OTP to validate

update_primaryboolean

Allows the request to update the user's current verified primary phone number. If the user profile already has a verified primary phone number, it will override it if true or add it as their secondary phone number if false

Default false
curl -i -X POST \
  https://api.sbx.transmitsecurity.io/cis/v1/verification/otp/sms/validate \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "phone_number": "string",
    "passcode": "string",
    "update_primary": false
  }'

Responses

Bodyapplication/json
resultbooleanread-onlyrequired

Boolean value indicating if SMS verification succeeded

Response
application/json
{
  "result": true
}

Send email OTP

Request

Send a one-time passcode (OTP) by email to the given email address for a specified user. This requires a client access token (client credentials) and the user ID is provided as a path parameter.

Required permissions: apps:execute, [appId]:execute, auth:execute.

Security
ClientAccessToken
Path
user_idstringrequired

ID of the user

Bodyapplication/jsonrequired
emailstringrequired

Email to send the OTP to

Example: "name@example.com"
email_contentobject

Texts, logo and color to render email template with

curl -i -X POST \
  'https://api.sbx.transmitsecurity.io/cis/v1/users/{user_id}/email/otp/verification/send' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "email": "name@example.com",
    "email_content": {
      "subject": "string",
      "primaryColor": "#6981FF",
      "base64logo": "string",
      "headerText": "string",
      "bodyText": "string",
      "linkText": "string",
      "infoText": "string",
      "footerText": "If you didn'\''t request this email, you can safely ignore it.",
      "senderName": "string"
    }
  }'

Responses

Bodyapplication/json
messagestringrequired
Example: "Email sent successfully"
Response
application/json
{
  "message": "Email sent successfully"
}

Send SMS OTP

Request

Send a one-time passcode (OTP) by SMS to the given phone number for a specified user. This requires a client access token (client credentials) and the user ID is provided as a path parameter.

Required permissions: apps:execute, [appId]:execute, auth:execute.

Security
ClientAccessToken
Path
user_idstringrequired

ID of the user

Bodyapplication/jsonrequired
custom_messagestring

Message to send, must contain {otp} and {app} placeholders to be replaced with one time password and application name. Limited to 140 characters

sender_idstring

The sender name that appears as the message sender on recipients devices. Limited to 11 characters. Limited support see https://docs.aws.amazon.com/sns/latest/dg/sns-supported-regions-countries.html

phone_numberstringrequired

Phone number to send the OTP to

curl -i -X POST \
  'https://api.sbx.transmitsecurity.io/cis/v1/users/{user_id}/sms/otp/verification/send' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "custom_message": "string",
    "sender_id": "string",
    "phone_number": "string"
  }'

Responses

Bodyapplication/json
messagestringread-onlyrequired
Example: "SMS sent"
Response
application/json
{
  "message": "SMS sent"
}