End of support notice: On October 30, 2026, AWS will end support for Amazon Pinpoint. After October 30, 2026, you will no longer be able to access the Amazon Pinpoint console or Amazon Pinpoint resources (endpoints, segments, campaigns, journeys, and analytics). For more information, see Amazon Pinpoint end of support. Note: APIs related to SMS, voice, mobile push, OTP, and phone number validate are not impacted by this change and are supported by AWS End User Messaging.
Verify OTP
Use this resource to check the validity of One-Time Passwords (OTPs) that were generated using the OTP Message resource.
URI
/v1/apps/application-id/verify-otp
HTTP methods
POST
Operation ID: VerifyOTPMessage
Verifies a One-Time Password that was generated by the OTP
Message resource.
| Name | Type | Required | Description |
|---|---|---|---|
application-id | String | True | The unique identifier for the application. This identifier is displayed as the Project ID on the Amazon Pinpoint console. |
| Name | Type | Required | Description |
|---|---|---|---|
accept | String | False | Indicates which content types, expressed as MIME types, the client understands. |
| Status code | Response model | Description |
|---|---|---|
200 | VerificationResponse | 200 response |
400 | MessageBody | The request contains a syntax error (BadRequestException). |
403 | MessageBody | The request was denied because access to the specified resource is forbidden (ForbiddenException). |
404 | MessageBody | The request failed because the specified resource was not found (NotFoundException). |
405 | MessageBody | The request failed because the method is not allowed for the specified resource (MethodNotAllowedException). |
413 | MessageBody | The request failed because the payload for the body of the request is too large (RequestEntityTooLargeException). |
429 | MessageBody | The request failed because too many requests were sent during a certain amount of time (TooManyRequestsException). |
500 | MessageBody | The request failed due to an unknown internal server error, exception, or failure (InternalServerErrorException). |
OPTIONS
| Name | Type | Required | Description |
|---|---|---|---|
application-id | String | True | The unique identifier for the application. This identifier is displayed as the Project ID on the Amazon Pinpoint console. |
| Status code | Response model | Description |
|---|---|---|
200 | None | The request succeeded. |
Schemas
Request bodies
{ "DestinationIdentity": "string", "Otp": "string", "ReferenceId": "string" }
Response bodies
{ "Valid": boolean }
Properties
MessageBody
Provides information about an API request or response.
| Property | Type | Required | Description |
|---|---|---|---|
Message | string | False | The message that's returned from the API. |
RequestID | string | False | The unique identifier for the request or response. |
VerificationResponse
Provides information about the validity of the OTP code provided in the request.
| Property | Type | Required | Description |
|---|---|---|---|
Valid | boolean | False | Specifies whether the OTP is valid or not. |
VerifyOTPMessageRequestParameters
Specifies the details of the OTP that you are validating.
| Property | Type | Required | Description |
|---|---|---|---|
DestinationIdentity | string | True | The phone number, in E.164 format, that the OTP code was sent to. |
Otp | string | True | The OTP code that you are validating. |
ReferenceId | string | True | The reference ID that you used when you sent the OTP code to the recipient. The reference ID must be an exact match. |
See also
For more information about using this API in one of the language-specific AWS SDKs and references, see the following:
VerifyOTPMessage
