customerVerifyOtp
Overview
After calling customerLogin or customerSignup, verify the one-time password (OTP) sent to the customer using this mutation. Successful verification returns an accessToken (and optional data).
- Type: GraphQL Mutation
- Endpoint: https://subdomain.com
- Authentication: none (OTP verification step)
Mutation
mutation CustomerVerifyOtp($input: CustomerVerifyOtpInput!) {
customerVerifyOtp(input: $input) {
success
message
accessToken
data
}
}
Variables
{
"input": {
"token": "<LOGIN_TOKEN>",
"otp": "123456"
}
}
Examples
- cURL
- JavaScript (fetch)
curl -X POST \
https://subdomain.com \
-H "Content-Type": "application/json" \
--data-binary @- << 'EOF'
{
"query": "mutation CustomerVerifyOtp($input: CustomerVerifyOtpInput!) { customerVerifyOtp(input: $input) { success message accessToken data } }",
"variables": {
"input": {
"token": "<LOGIN_TOKEN>",
"otp": "123456"
}
}
}
EOF
const res = await fetch('https://subdomain.com', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
query: `
mutation CustomerVerifyOtp($input: CustomerVerifyOtpInput!) {
customerVerifyOtp(input: $input) {
success
message
accessToken
data
}
}
`,
variables: {
input: {
token: '<LOGIN_TOKEN>',
otp: '123456',
},
},
}),
});
const json = await res.json();
Notes
- The
tokenparameter is typically the temporary token returned bycustomerLogin/customerSignup. - Store the returned
accessTokensecurely (cookie/local storage) for authenticated calls. - Handle error messages (invalid/expired OTP) to prompt re-entry or resend.