checkVerificationCode

POST /v2/pds/memberships/checkVerificationCode

With this API call, the Mini Program Platform can request the merchant to check the verification code that is input by the user, which can be either a password or a one-time password (OTP).

The message structure of this API is defined by us. Follow the specifications below when the merchant develops this API.

Structure

A message consists of a header and body. The following sections are focused on the body structure. For the header structure, see:

Request parameters

Field

Data type

Required

Description

loginIdentity

LoginIdentity

Yes

Indicates the member's identity.

bizScene

String

Yes

Indicates the business scenario where the verification code is used. Valid values are:

  • REGISTRATION: indicates the verification code is used for the membership registration.
  • PASSWORD_RESET: indicates the verification code is used for the password reset.
  • LOGIN_ID_UPDATE: indicates the verification code is used for the login ID update.

verificationType

String

Yes

Indicates the type of verification code. Valid values are:

  • OTP: indicates the one-time password (OTP).
  • PASSWORD: indicates the password.

verificationCode

String

Yes

Indicates the verification code. The value of this parameter can be either of the following ones:

  • the value of the one-time password (OTP) that is input by the user, if the value of the verificationType parameter is OTP.
  • the value of the password that is input by the user, if the value of the verificationType parameter is PASSWORD. Note that the password is encrypted with AES256.

extendInfo

String

No

Indicates any extended information that the Mini Program Platform passes to the merchant.

  • Maximum length: 2048 characters
  • Characters not allowed: special characters such as @, #, and ?

Response parameters

Field

Data type

Required

Description

result

Result

Yes

Indicates the request result, such as status and error codes.

extendInfo

String

No

Indicates any extended information that the merchant passes to the Mini Program Platform.

  • Maximum length: 2048 characters
  • Characters not allowed: special characters such as @, #, and ?

Error codes

Error codes are usually classified into the following categories:

  • Common error codes are common for all mini program OpenAPIs in V2.
  • API-specific error codes: This API have the following error codes.

Error code

Result status

Error message

Further action

INVALID_VERIFCATION_CODE

F

The password or one-time password (OTP) entered by the user is invalid.

Enter another password or OTP.

VERIFICATION_CODE_CHECK_REQUEST_EXCEEDS_LIMIT

F

The user enters the password or one-time password (OTP) too frequently.

Try again later.

Result processing logic

In the response, the result.resultStatus parameter indicates the result of processing a request. The following table describes each result status:

resultStatus

Description 

S

The request to check the verification code is successful.

The corresponding value of result.resultCode is SUCCESS and the value of result.resultMessage is Success.

U

The status of the request to check the verification code is unknown.

The corresponding value of result.resultCode is UNKNOWN_EXCEPTION and the value of result.resultMessage is An API calling is failed, which is caused by unknown reasons. For details, see the Common error codes section.

F

The request to check the verification codes failed.

The corresponding values of result.resultCode and result.resultMessage can vary based on different situations. For details, see the following Error codes section.

Sample

The data flow of sending a request to check the verification code is illustrated as follows:

image

The above diagram consists of the following steps:

  1. The Mini Program Platform calls this API to send a request to the merchant to check the verification code.
  2. The merchant server processes the request and validates the verification code.
  3. The merchant returns the check result to the Mini Program Platform.

Request

copy
{
  "loginIdentity": {
    "identityNo": "example@example.com",
    "identityType": "EMAIL"
  },
  "appId": "xxxxxx",
  "bizScene": "REGISTRATION",
  "verificationType": "OTP",
  "verificationCode": "xxxxxx"
}

Response

copy
{
  "result": {
    "resultCode": "SUCCESS",
    "resultMessage": "Success",
    "resultStatus": "S"
  }
}

In the request sample above, the value of result.resultStatus is S, which means the request to send a verification code is successful.