Skip to main content

Email Verification

You can verify an email for multi-factor authentication, user registration or passwordless login.

Overview

This section will explain the flow of this operation. Code is available in the examples section

  1. Client-side library calls the Authn.id API with the email address and initiates the email sending process.

    • if a recipient approves the verification link, a token is returned from the Authn.id API to the client side.
    • Client-side forwards the token to your backend.
  2. Your backend calls the Authn.id API /verify/token endpoint with the token.

    • The Authn.id API verifies that the approval was successful and returns additional information about the verification.

Steps

Email Verification Flow

1. Start the email verification frontend

Get the client-side library from a cdn or npm. Pass a email address to the verifyEmail in method to begin the verification process.

const authnId = new AuthnId.Client({
apiKey: "demoproj:public:b75080483c3381e7d1a28e2e646abad2",
});

const email = "john@authn.id";

// returns eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
const { approved, token } = await authnId.verifyEmail(email);

// verifiy the token
if (approved) {
const response = await fetch(`/your-backend/verifyEmail?token=${token}`);
const verified = await response.json();
if (verified.success) {
// success!
}
}

2. Verify the token backend

Once the client-side code has finished the approval process you need to verify the token with the backend api. Only then can you trust that the verification process succeeded.

const apiUrl = "https://api.authn.id/v1";
const API_SECRET = "demoproj:secret:KpkFr6Z6CjP8Dnek39kWFb7M.....";

const { token } = req.query; // eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
const response = await fetch(apiUrl + "/verify/token", {
method: "POST",
body: token,
headers: { "x-authnid-api-secret": API_SECRET, "Content-Type": "text/plain" },
});

var result = await response.json();
if (result.success) {
// success!
console.log(result);
}

Response:

{
success: true,
email: "john@authn.id",
device: "Chrome on Windows",
country: null,
timestamp: "2023-01-01T00:00:00.000Z",
expiresAt: "2023-01-01T00:15:00.000Z",
}