> ## Documentation Index > Fetch the complete documentation index at: https://docs.loyalty.dog/llms.txt > Use this file to discover all available pages before exploring further. # Verifycustomerotp > ### Verify OTP and Login Customer Verify the OTP code sent to the customer's email or phone. On success, finds or creates a GiftCardCustomer record and returns a session token. **Flow**: 1. Verify the OTP code against Redis 2. Find or create a GiftCardCustomer document in MongoDB 3. Update customer's trust level and login metadata 4. Create a Redis-backed session (24-hour TTL) 5. Return session token and customer identity **Request Body**: - `target`: Email or phone the OTP was sent to - `code`: 6-digit OTP code - `name`: Optional customer name (used during first registration) **Status Codes**: - 200: OTP verified, session created - 400: Invalid code, expired, or too many attempts ## OpenAPI ````yaml https://api.loyalty.dog/openapi.json post /v2/giftcards/customers/otp/verify openapi: 3.1.0 info: title: LoyaltyDog description: >- Welcome to the LoyaltyDog API! This API provides access to our loyalty program features, allowing you to integrate with various platforms and manage your loyalty data. Want to query LoyaltyDog via an AI assistant (Claude, Cursor, Windsurf)? See the [MCP Integration guide](https://loyaltydog.ai/playground#mcp). termsOfService: https://loyalty.dog/loyalty-program-terms-service contact: name: LoyaltyDog Support url: https://loyalty.dog/contact-us email: support@loyalty.dog version: 1.0.1 servers: - url: https://api.loyalty.dog description: Production security: - bearerAuth: [] paths: /v2/giftcards/customers/otp/verify: post: tags: - Gift Card Customers summary: Verifycustomerotp description: >- ### Verify OTP and Login Customer Verify the OTP code sent to the customer's email or phone. On success, finds or creates a GiftCardCustomer record and returns a session token. **Flow**: 1. Verify the OTP code against Redis 2. Find or create a GiftCardCustomer document in MongoDB 3. Update customer's trust level and login metadata 4. Create a Redis-backed session (24-hour TTL) 5. Return session token and customer identity **Request Body**: - `target`: Email or phone the OTP was sent to - `code`: 6-digit OTP code - `name`: Optional customer name (used during first registration) **Status Codes**: - 200: OTP verified, session created - 400: Invalid code, expired, or too many attempts operationId: verifyCustomerOTP_v2_giftcards_customers_otp_verify_post requestBody: content: application/json: schema: $ref: '#/components/schemas/VerifyOTPRequest' required: true responses: '200': description: Successful Response content: application/json: schema: $ref: '#/components/schemas/VerifyOTPResponse' '422': description: Validation Error content: application/json: schema: $ref: '#/components/schemas/HTTPValidationError' components: schemas: VerifyOTPRequest: properties: target: type: string maxLength: 255 minLength: 1 title: Target description: Email address or phone number the OTP was sent to code: type: string maxLength: 6 minLength: 6 pattern: ^\d{6}$ title: Code description: 6-digit OTP code name: anyOf: - type: string maxLength: 255 - type: 'null' title: Name description: Customer name (used during registration) type: object required: - target - code title: VerifyOTPRequest description: Request to verify an OTP code. VerifyOTPResponse: properties: success: type: boolean title: Success error: anyOf: - type: string - type: 'null' title: Error verifiedTarget: anyOf: - type: string - type: 'null' title: Verifiedtarget otpType: anyOf: - type: string - type: 'null' title: Otptype sessionToken: anyOf: - type: string - type: 'null' title: Sessiontoken identity: anyOf: - $ref: '#/components/schemas/CustomerIdentityResponse' - type: 'null' type: object required: - success title: VerifyOTPResponse HTTPValidationError: properties: detail: items: $ref: '#/components/schemas/ValidationError' type: array title: Detail type: object title: HTTPValidationError CustomerIdentityResponse: properties: id: $ref: '#/components/schemas/PydanticObjectId' email: anyOf: - type: string - type: 'null' title: Email phone: anyOf: - type: string - type: 'null' title: Phone name: anyOf: - type: string - type: 'null' title: Name verified: type: boolean title: Verified verifiedAt: anyOf: - type: string - type: 'null' title: Verifiedat trustLevel: type: string title: Trustlevel type: object required: - id - email - phone - name - verified - verifiedAt - trustLevel title: CustomerIdentityResponse description: Customer identity information returned after successful verification. ValidationError: properties: loc: items: anyOf: - type: string - type: integer type: array title: Location msg: type: string title: Message type: type: string title: Error Type input: title: Input ctx: type: object title: Context type: object required: - loc - msg - type title: ValidationError PydanticObjectId: type: string maxLength: 24 minLength: 24 pattern: ^[0-9a-f]{24}$ example: 5eb7cf5a86d9755df3a6c593 securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT description: JWT access token obtained from POST /v2/token. ````