How to validate verification code for passwordless

angeltek · March 13, 2018, 5:05pm

I’m trying to validate the verification code that was send through SMS.

I used the following post call in Postman:

http://<tenant>/oauth/legacy/grant-type/ro

{
  "client_id": "id",
  "connection": "sms",
  "grant_type": "authorization_code",
  "username": "phone_num",
  "password": "code",
  "scope": "openid profile email"
}

But the call is not longer supported for new Auth0 users. So I found another approach using Auth0 AuthenticationAPI but doing so I get

StatusCode = 403

error = invalid_grant

error_description = Invalid authorization code

Any ideas on how to validate the verification code?

using AuthenticationApi implmentation:

var smsReq = new PasswordlessSmsRequest();
                smsReq.ClientId = clientId;
                smsReq.PhoneNumber = someNum;

                var authApi = new AuthenticationApiClient(domain);
                var task = authApi.StartPasswordlessSmsFlowAsync(smsReq);
                var res = task.Result;

                var alert = new AlertDialog.Builder(CrossCurrentActivity.Current.Activity);

                var edit = new EditText(CrossCurrentActivity.Current.Activity) { Hint = "Enter Code" };
                alert.SetView(edit);

                alert.SetTitle("title");

                alert.SetPositiveButton("OK", (senderAlert, args) =>
                {    
                    var tokReq = new AuthorizationCodeTokenRequest();
                    tokReq.ClientId = clientId;
                    tokReq.ClientSecret = clientSecret;
                    tokReq.Code = edit.Text;
                    tokReq.RedirectUri = uri;

                    var auResTask = authApi.GetTokenAsync(tokReq);
                    var autRes = auResTask.Result;
                });

                alert.SetNegativeButton("Cancel", (senderAlert, args) =>
                {
                    
                });
                alert.Show();

James.Morrison · December 18, 2018, 3:27pm

Hey @angeltek

As it has been more than a few months since this topic was opened and there has been no reply or further information provided from the community as to the existence of the issue we would like to check if you are still facing the described challenge?

We are more than happy to assist in any way! If the issue is still out there please let us know so we can create a new thread for better visibility, otherwise we’ll close this one in week’s time.

Thank you!

James.Morrison · December 25, 2018, 7:27am

This topic was automatically closed 6 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SMS Passwordless OTP verification code showing @@password@@ instead of the code in the message Help passwordless-sms	0	1946	November 4, 2022
How to verify SMS code Help sms	3	6483	July 25, 2019
Passwordless SMS: trying to log back in with an active session, "no phone_number or verification code" Help session , passwordless , authorize , passwordless-sms	36	9514	March 23, 2019
400 error when verifying Passwordless OTP SMS code w/ New Universal Login (Identifier First) Help identifier-first , login-experience	6	2245	March 24, 2023
[URGENT]: Auth0 Passwordless SMS Not Sending Help passwordless , sms	2	4377	March 2, 2018

How to validate verification code for passwordless

Related Topics