post https://mercury-uat.phonepe.com/v3/merchant/otp/verify
API to verify the OTP given by the customer and the otpToken given by the merchant. Once verified merchant account is linked to PhonePe account. This doesn’t involve any UI flow. Merchant needs to implement their own UI.
Header Name | Header Value |
---|---|
Content-Type | application/json |
X-VERIFY | SHA256(base64 encoded payload + '/v3/merchant/otp/verify' + salt key) + '###' + salt index |
{
"merchantId": "MID",
"otpToken": "TXN12345",
"otp": "65732"
}
{
"request" : "ew0KCeKAnG1lcmNoYW50SWTigJ06IOKAnEpJT+KAnQ0KCeKAnHRyYW5zYWN0aW9uSWTigJ06IOKAnFRYTjEyMzQ14oCdLA0KCeKAnE90cOKAnTog4oCcNjU3MzLigJ0NCn0="
}
Parameter Name | Type | Description | Mandatory |
---|---|---|---|
merchantId | string | Unique merchantId assigned to the merchant | Yes |
otpToken | string | OTP token received in Trigger OTP API response | Yes |
otp | string | OTP received by customer | Yes |
PhonePe will send a new otpToken for every otp requested. Merchants need to pass the correct and latest otpToken and otp pair.
Parameter Name | Type | Description |
---|---|---|
success | boolean | Denotes if API call is successful. |
code | string | See below for list of values |
data | Object | See below table |
Code Value | Description |
---|---|
SUCCESS | Success scenario |
AUTHORIZATION_FAILED | Value of X-VERIFY is incorrect |
BAD_REQUEST | Invalid request payload |
INTERNAL_SERVER_ERROR | The server is busy or the server is not responding |
USER_BLACKLISTED | Customer is blacklisted on PhonePe side |
USER_BLOCKED | User is blocked for 1 day. |
INVALID_OTP_TOKEN | OTP token is not valid or expired |
OTP_LIMIT_EXCEEDED | There is a limit on number of times OTP can be sent on a mobile number. This code will be received is that limit is crossed. |
OTP_ALREADY_VERIFIED | The OTP has been already verified for OTP token. Resending of OTP is required. |
OTP_VERIFY_FAILED | Otp is invalid. Ask user to enter again |
OTP_EXPIRED | Otp expired, regenerate again |
TOO_MANY_REQUESTS | If we are getting too many requests from merchant for this API |
Parameter Name | Type | Description |
---|---|---|
merchantId | string | merchantId assigned to merchant. |
userAuthToken | string | Auth token for the user |