Skip to content
CloudVNO

Check OTP

Verify a one-time passcode entered by your user.

Check a Verification Code

After sending a code and receiving user input, check it:

result = client.verify.check(
    to="+12125559876",
    code="123456"  # Code entered by the user
)

if result.valid:
    print("Phone number verified!")
    # Mark user as verified in your database
else:
    print("Invalid or expired code")

const result = await client.verify.check({
  to: '+12125559876',
  code: req.body.code,
});

if (result.valid) {
  // Mark user as verified
  await db.users.update({ phoneVerified: true }, { where: { id: userId } });
  res.json({ success: true });
} else {
  res.status(400).json({ error: 'Invalid code' });
}

curl -X POST https://api.cloudvno.com/v1/verify/check \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d to="+12125559876" \
  -d code="123456"

Response

{
  "to": "+12125559876",
  "channel": "sms",
  "valid": true,
  "status": "approved",
  "date_updated": "2026-03-06T10:00:30Z"
}

Handle Failures

result = client.verify.check(to="+12125559876", code="999999")

if not result.valid:
    if result.status == "expired":
        # Code expired — prompt user to request a new one
        return {"error": "Code expired. Please request a new code."}
    elif result.status == "max_attempts_reached":
        # Too many wrong attempts — block for security
        return {"error": "Too many attempts. Please request a new code."}
    else:
        # Wrong code
        return {"error": "Incorrect code. Please try again."}

Security Notes

  • Check codes server-side only — never expose your API key to the frontend
  • Codes automatically expire after the configured valid_for period
  • After 5 failed attempts (configurable), the verification is cancelled
  • Each to number can only have one active verification at a time