OrbVPNOrbVPN
TutorialsTroubleshootServicesAPIBusinessBlogDashboard

Verify Email with Code API

Verify user email addresses using a verification code to activate accounts and receive access tokens

Email Verification

Verify Email API

Complete the registration process by verifying email addresses. Users receive an access token upon successful verification, enabling immediate authenticated access.

View Signup API

6-Digit Code

Simple numeric codes that are easy to enter on any device.

Instant Activation

Account activated immediately upon successful verification.

Returns Access Token

Get authenticated instantly without a separate login step.

Endpoint Overview

MUTATION/graphql

Verify a user's email address using the verification code sent during registration. Returns an access token for immediate authenticated access.

Authentication:No Auth Required

Request Parameters

emailString!Required

The email address that needs to be verified. Must match the email used during registration.

verificationCodeString!Required

The 6-digit verification code sent to the user's email address.

GraphQL Mutation

mutation verifyEmailWithCode($email: String!, $verificationCode: String!) {
  verifyEmailWithCode(email: $email, verificationCode: $verificationCode) {
    accessToken
  }
}

Variables:

{
  "email": "user@example.com",
  "verificationCode": "123456"
}

HTTP Request:

curl -X POST https://api.orbnet.com/graphql \
  -H "Content-Type: application/json" \
  -d '{
    "query": "mutation verifyEmailWithCode($email: String!, $verificationCode: String!) { verifyEmailWithCode(email: $email, verificationCode: $verificationCode) { accessToken } }",
    "variables": {
      "email": "user@example.com",
      "verificationCode": "123456"
    }
  }'

Response

200Email Verified Successfully
{
  "data": {
    "verifyEmailWithCode": {
      "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
    }
  }
}
400Invalid Verification Code
{
  "errors": [
    {
      "message": "Invalid verification code",
      "path": ["verifyEmailWithCode"],
      "extensions": {
        "code": "INVALID_CODE"
      }
    }
  ],
  "data": null
}
400Code Expired
{
  "errors": [
    {
      "message": "Verification code has expired. Please request a new one.",
      "path": ["verifyEmailWithCode"],
      "extensions": {
        "code": "CODE_EXPIRED"
      }
    }
  ],
  "data": null
}
404Email Not Found
{
  "errors": [
    {
      "message": "No pending verification found for this email",
      "path": ["verifyEmailWithCode"],
      "extensions": {
        "code": "EMAIL_NOT_FOUND"
      }
    }
  ],
  "data": null
}
400Already Verified
{
  "errors": [
    {
      "message": "This email has already been verified",
      "path": ["verifyEmailWithCode"],
      "extensions": {
        "code": "ALREADY_VERIFIED"
      }
    }
  ],
  "data": null
}

Verification Flow

1

User Signs Up

User creates account with email and password. System sends verification email with 6-digit code.

2

Check Email

User receives email with verification code. Code is valid for 15 minutes.

3

Enter Code

User enters the 6-digit code in your application's verification screen.

4

Verify & Authenticate

Call this API with email and code. On success, receive access token and redirect to app.

Code Specifications

6-Digit Numeric

Verification codes are 6 numeric digits (000000-999999) for easy entry on mobile keyboards.

15-Minute Expiry

Codes expire 15 minutes after generation for security. Users can request a new code if expired.

Single Use

Each code can only be used once. After successful verification, the code is invalidated.

Case Insensitive

Codes are numeric only, but the API handles any formatting (spaces, dashes) gracefully.

Best Practices

Auto-Focus Input

Automatically focus the verification code input field when the screen loads for better UX.

Show Expiry Timer

Display a countdown showing when the code expires. Offer resend option when timer hits zero.

Handle Paste

Allow users to paste codes from clipboard. Strip spaces and dashes before submitting.

Resend Option

Provide a clear 'Resend Code' button with a short cooldown (30-60 seconds) to prevent spam.

Error Handling

INVALID_CODE

Code doesn't match. Check for typos and ensure correct email is used.

CODE_EXPIRED

Code has expired. Use resend verification API to get a new code.

EMAIL_NOT_FOUND

No account found with this email. User may need to sign up first.

ALREADY_VERIFIED

Email already verified. Redirect user to login instead.

Related Endpoints

MUTATIONSign Up

Create account (triggers verification email)

MUTATIONResend Verification

Request a new verification code

MUTATIONLogin

Alternative: Login if already verified

QUERYGet User Profile

Fetch user details after verification

Instant Authentication

Unlike traditional verification flows, this API returns an access token on success. You can redirect users directly to your app without requiring a separate login step.

Complete the Registration Flow

Build a seamless onboarding experience. After verification, users are instantly authenticated and ready to use your application.

View Resend API

User Signup API

Previous Page

Resend Verification Email API

Next Page

On this page

Endpoint Overview
Request Parameters
GraphQL Mutation
Response
Verification Flow
Code Specifications
Best Practices
Error Handling
Related Endpoints