{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "#/components/schemas/AuthenticateUserWithVerificationCode", "title": "AuthenticateUserWithVerificationCode", "description": "Authenticate a user using a verification code.", "type": "object", "properties": { "grant_type": { "type": "string", "description": "It should be http://auth0.com/oauth/grant-type/passwordless/otp." }, "client_id": { "type": "string", "description": "The client_id of your application." }, "client_assertion": { "type": "string", "description": "A JWT containing a signed assertion with your application credentials. Required when Private Key JWT is your application authentication method." }, "client_assertion_type": { "type": "string", "description": "The value is urn:ietf:params:oauth:client-assertion-type:jwt-bearer. Required when Private Key JWT is the application authentication method." }, "client_secret": { "type": "string", "description": "The client_secret of your application. Required when the Token Endpoint Authentication Method field at your Application Settings is Post or Basic. Specifically required for Regular Web Applications only." }, "username": { "type": "string", "description": "The user's phone number if realm=sms, or the user's email if realm=email." }, "realm": { "type": "string", "description": "Use sms or email (should be the same as POST /passwordless/start)" }, "otp": { "type": "string", "description": "The user's verification code." }, "audience": { "type": "string", "description": "API Identifier of the API for which you want to get an Access Token." }, "scope": { "type": "string", "description": "Use openid to get an ID Token, or openid profile email to also include user profile information in the ID Token." }, "redirect_uri": { "type": "string", "description": "A callback URL that has been registered with your application's Allowed Callback URLs." } } }