Authentication API reference - totp recover

Recover TOTP

POSThttps://test.stytch.com/v1/totps/recover

Authenticate a recovery code for a TOTP instance.

Body parameters

user_id* string

recovery_code* string

session_custom_claims map<string, any>

session_duration_minutes int

session_jwt string

session_token string

Response fields

status_code int

request_id string

session object

session_jwt string

session_token string

totp_id string

user object

user_id string

curl --request POST \
  --url https://test.stytch.com/v1/totps/recover \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -d '{
    "user_id": "user-test-16d9ba61-97a1-4ba4-9720-b03761dc50c6",
    "recovery_code": "ckss-2skx-ebow"
  }'

RESPONSE

{
  "status_code": 200,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "session": null,
  "session_jwt": "",
  "session_token": "",
  "totp_id": "totp-test-41920359-8bbb-4fe8-8fa3-aaa83f35f02c"
  "user": {...},
  "user_id": "user-test-16d9ba61-97a1-4ba4-9720-b03761dc50c6",
}

Common Error Types

expired_totp
invalid_recovery_code
totp_code_used_as_recovery_code