Skip to main content
POST
/
api
/
commerce
/
auth
/
verify
Verify a sign-in code and mint a session token
curl --request POST \
  --url https://app.vaultgraph.com/api/commerce/auth/verify \
  --header 'Content-Type: application/json' \
  --header 'x-api-key: <api-key>' \
  --data '
{
  "challenge_id": "<string>",
  "code": "<string>"
}
'
{
  "data": {
    "session_token": "<string>",
    "expires_at": "2023-11-07T05:31:56Z"
  }
}

Authorizations

x-api-key
string
header
required

Body

application/json

The challenge being answered and the one-time code the customer received.

challenge_id
string
required

The challenge_id returned when the code was requested.

code
string
required

The one-time code the customer received.

Response

A customer-bound session

data
object

A customer-bound session. Send session_token on later requests via the x-vg-ctx-session-token header to act as the signed-in customer.