> For clean Markdown of any page, append .md to the page URL. > For a complete documentation index, see https://docs.itspropel.com/llms.txt. > For full documentation content, see https://docs.itspropel.com/llms-full.txt. > For AI client integration (Claude Code, Cursor, etc.), connect to the MCP server at https://docs.itspropel.com/_mcp/server. # Verify POST https://auth/verify Content-Type: multipart/form-data For TOTP users, `code` accepts either a 6-digit TOTP code OR a 10-char alphanumeric recovery code (hyphenated or not, e.g. `XXXXX-XXXXX`). Response may additionally include: `attributes.recovery_codes` (array, ONCE on first-time TOTP confirmation), `attributes.recovery_codes_remaining` (int, on recovery-code login), `attributes.recovery_codes_low` (bool, true when ≤3 remain). Reference: https://docs.itspropel.com/propel-biz/01-auth/verify ## OpenAPI Specification ```yaml openapi: 3.1.0 info: title: PropelBiz version: 1.0.0 paths: /auth/verify: post: operationId: verify summary: Verify description: >- For TOTP users, `code` accepts either a 6-digit TOTP code OR a 10-char alphanumeric recovery code (hyphenated or not, e.g. `XXXXX-XXXXX`). Response may additionally include: `attributes.recovery_codes` (array, ONCE on first-time TOTP confirmation), `attributes.recovery_codes_remaining` (int, on recovery-code login), `attributes.recovery_codes_low` (bool, true when ≤3 remain). tags: - subpackage_01Auth responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/01 Auth_Verify_Response_200' '401': description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/PostAuthVerifyRequestUnauthorizedError' requestBody: content: multipart/form-data: schema: type: object properties: code: type: string description: 'Required: Code Received from OTP or TOTP' auth_challenge: type: string description: 'Required: auth_challenge Received from auth/login' required: - code - auth_challenge servers: - url: https:/ components: schemas: AuthVerifyPostResponsesContentApplicationJsonSchemaData: type: object properties: 2fa_payload: type: string required: - 2fa_payload title: AuthVerifyPostResponsesContentApplicationJsonSchemaData 01 Auth_Verify_Response_200: type: object properties: data: $ref: >- #/components/schemas/AuthVerifyPostResponsesContentApplicationJsonSchemaData required: - data title: 01 Auth_Verify_Response_200 AuthVerifyPostResponsesContentApplicationJsonSchemaErrorsItems: type: object properties: title: type: string detail: type: string status: type: string required: - title - detail - status title: AuthVerifyPostResponsesContentApplicationJsonSchemaErrorsItems PostAuthVerifyRequestUnauthorizedError: type: object properties: errors: type: array items: $ref: >- #/components/schemas/AuthVerifyPostResponsesContentApplicationJsonSchemaErrorsItems required: - errors title: PostAuthVerifyRequestUnauthorizedError ``` ## SDK Code Examples ```python 200 import requests url = "https://https/auth/verify" payload = "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"code\"\r\n\r\n482915\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"auth_challenge\"\r\n\r\na1b2c3d4e5f6g7h8i9j0\r\n-----011000010111000001101001--\r\n" headers = {"Content-Type": "multipart/form-data; boundary=---011000010111000001101001"} response = requests.post(url, data=payload, headers=headers) print(response.json()) ``` ```javascript 200 const url = 'https://https/auth/verify'; const form = new FormData(); form.append('code', '482915'); form.append('auth_challenge', 'a1b2c3d4e5f6g7h8i9j0'); const options = {method: 'POST'}; options.body = form; try { const response = await fetch(url, options); const data = await response.json(); console.log(data); } catch (error) { console.error(error); } ``` ```go 200 package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "https://https/auth/verify" payload := strings.NewReader("-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"code\"\r\n\r\n482915\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"auth_challenge\"\r\n\r\na1b2c3d4e5f6g7h8i9j0\r\n-----011000010111000001101001--\r\n") req, _ := http.NewRequest("POST", url, payload) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := io.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) } ``` ```ruby 200 require 'uri' require 'net/http' url = URI("https://https/auth/verify") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true request = Net::HTTP::Post.new(url) request.body = "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"code\"\r\n\r\n482915\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"auth_challenge\"\r\n\r\na1b2c3d4e5f6g7h8i9j0\r\n-----011000010111000001101001--\r\n" response = http.request(request) puts response.read_body ``` ```java 200 import com.mashape.unirest.http.HttpResponse; import com.mashape.unirest.http.Unirest; HttpResponse response = Unirest.post("https://https/auth/verify") .body("-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"code\"\r\n\r\n482915\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"auth_challenge\"\r\n\r\na1b2c3d4e5f6g7h8i9j0\r\n-----011000010111000001101001--\r\n") .asString(); ``` ```php 200 request('POST', 'https://https/auth/verify', [ 'multipart' => [ [ 'name' => 'code', 'contents' => '482915' ], [ 'name' => 'auth_challenge', 'contents' => 'a1b2c3d4e5f6g7h8i9j0' ] ] ]); echo $response->getBody(); ``` ```csharp 200 using RestSharp; var client = new RestClient("https://https/auth/verify"); var request = new RestRequest(Method.POST); request.AddParameter("undefined", "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"code\"\r\n\r\n482915\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"auth_challenge\"\r\n\r\na1b2c3d4e5f6g7h8i9j0\r\n-----011000010111000001101001--\r\n", ParameterType.RequestBody); IRestResponse response = client.Execute(request); ``` ```swift 200 import Foundation let parameters = [ [ "name": "code", "value": "482915" ], [ "name": "auth_challenge", "value": "a1b2c3d4e5f6g7h8i9j0" ] ] let boundary = "---011000010111000001101001" var body = "" var error: NSError? = nil for param in parameters { let paramName = param["name"]! body += "--\(boundary)\r\n" body += "Content-Disposition:form-data; name=\"\(paramName)\"" if let filename = param["fileName"] { let contentType = param["content-type"]! let fileContent = String(contentsOfFile: filename, encoding: String.Encoding.utf8) if (error != nil) { print(error as Any) } body += "; filename=\"\(filename)\"\r\n" body += "Content-Type: \(contentType)\r\n\r\n" body += fileContent } else if let paramValue = param["value"] { body += "\r\n\r\n\(paramValue)" } } let request = NSMutableURLRequest(url: NSURL(string: "https://https/auth/verify")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "POST" request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error as Any) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume() ``` ```python 201 import requests url = "https://https/auth/verify" payload = "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"code\"\r\n\r\n482915\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"auth_challenge\"\r\n\r\na1b2c3d4e5f6g7h8i9j0\r\n-----011000010111000001101001--\r\n" headers = {"Content-Type": "multipart/form-data; boundary=---011000010111000001101001"} response = requests.post(url, data=payload, headers=headers) print(response.json()) ``` ```javascript 201 const url = 'https://https/auth/verify'; const form = new FormData(); form.append('code', '482915'); form.append('auth_challenge', 'a1b2c3d4e5f6g7h8i9j0'); const options = {method: 'POST'}; options.body = form; try { const response = await fetch(url, options); const data = await response.json(); console.log(data); } catch (error) { console.error(error); } ``` ```go 201 package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "https://https/auth/verify" payload := strings.NewReader("-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"code\"\r\n\r\n482915\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"auth_challenge\"\r\n\r\na1b2c3d4e5f6g7h8i9j0\r\n-----011000010111000001101001--\r\n") req, _ := http.NewRequest("POST", url, payload) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := io.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) } ``` ```ruby 201 require 'uri' require 'net/http' url = URI("https://https/auth/verify") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true request = Net::HTTP::Post.new(url) request.body = "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"code\"\r\n\r\n482915\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"auth_challenge\"\r\n\r\na1b2c3d4e5f6g7h8i9j0\r\n-----011000010111000001101001--\r\n" response = http.request(request) puts response.read_body ``` ```java 201 import com.mashape.unirest.http.HttpResponse; import com.mashape.unirest.http.Unirest; HttpResponse response = Unirest.post("https://https/auth/verify") .body("-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"code\"\r\n\r\n482915\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"auth_challenge\"\r\n\r\na1b2c3d4e5f6g7h8i9j0\r\n-----011000010111000001101001--\r\n") .asString(); ``` ```php 201 request('POST', 'https://https/auth/verify', [ 'multipart' => [ [ 'name' => 'code', 'contents' => '482915' ], [ 'name' => 'auth_challenge', 'contents' => 'a1b2c3d4e5f6g7h8i9j0' ] ] ]); echo $response->getBody(); ``` ```csharp 201 using RestSharp; var client = new RestClient("https://https/auth/verify"); var request = new RestRequest(Method.POST); request.AddParameter("undefined", "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"code\"\r\n\r\n482915\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"auth_challenge\"\r\n\r\na1b2c3d4e5f6g7h8i9j0\r\n-----011000010111000001101001--\r\n", ParameterType.RequestBody); IRestResponse response = client.Execute(request); ``` ```swift 201 import Foundation let parameters = [ [ "name": "code", "value": "482915" ], [ "name": "auth_challenge", "value": "a1b2c3d4e5f6g7h8i9j0" ] ] let boundary = "---011000010111000001101001" var body = "" var error: NSError? = nil for param in parameters { let paramName = param["name"]! body += "--\(boundary)\r\n" body += "Content-Disposition:form-data; name=\"\(paramName)\"" if let filename = param["fileName"] { let contentType = param["content-type"]! let fileContent = String(contentsOfFile: filename, encoding: String.Encoding.utf8) if (error != nil) { print(error as Any) } body += "; filename=\"\(filename)\"\r\n" body += "Content-Type: \(contentType)\r\n\r\n" body += fileContent } else if let paramValue = param["value"] { body += "\r\n\r\n\(paramValue)" } } let request = NSMutableURLRequest(url: NSURL(string: "https://https/auth/verify")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "POST" request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error as Any) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume() ```