GET
/
auth
/
confirm-email
curl -X GET "https://api.authiqa.com/auth/confirm-email?token=ABC123XYZ789" \
  -H "Content-Type: application/json"

Overview

This endpoint confirms a user’s email address using a verification token sent via email. The token validates the user’s ownership of the email address and activates their account.

API Details

Query Parameters

token
string
required
12-character verification token received in email
curl -X GET "https://api.authiqa.com/auth/confirm-email?token=ABC123XYZ789" \
  -H "Content-Type: application/json"

Try It Out

Test the API by providing your verification token:

token
required
Verification token from email

Process Flow

1

Token Validation

  • Check token presence in query parameters
  • Validate token format (12 characters, uppercase letters and numbers)
2

User Lookup

  • Find user by verification token
  • Verify user exists in system
3

Token Verification

  • Check token expiration (15-minute validity)
  • Verify token hasn’t been used
4

Account Activation

  • Mark email as verified
  • Update account status

Response Examples

200: Success
{
  "success": true,
  "data": {
    "message": "Email verified successfully"
  }
}
400: Invalid Token
{
  "success": false,
  "error": {
    "code": "INVALID_TOKEN",
    "message": "The provided token is invalid"
  }
}

Error Codes

400 Bad Request
  • INVALID_TOKEN - Token format is invalid
  • INVALID_TOKEN_FORMAT - Token must be 12 characters (A-Z, 0-9)
  • TOKEN_EXPIRED - Token has expired (15-minute validity)
  • TOKEN_NOT_PROVIDED - Missing token parameter
  • EMAIL_ALREADY_VERIFIED - Email already verified
404 Not Found
  • USER_NOT_FOUND - No user found with provided token

Notes

Token Validity

  • Tokens expire after 15 minutes
  • Can only be used once
  • Case-sensitive (uppercase only)

Rate Limiting

  • Limited to 1 request per minute per email
  • Failed attempts are tracked