> ## Documentation Index
> Fetch the complete documentation index at: https://developers.squads.so/llms.txt
> Use this file to discover all available pages before exploring further.

# Verify OTP and complete authentication

> Complete the authentication process by verifying the OTP code



## OpenAPI

````yaml https://grid.squads.xyz/api-docs/openapi.json post /api/grid/v1/auth/verify
openapi: 3.1.0
info:
  title: Grid v1 API
  description: Grid v1 REST API for Solana-based smart account system
  contact:
    name: Grid API Support
    url: https://squads.so
    email: support@squads.so
  license:
    name: MIT
  version: 1.0.0
servers:
  - url: https://grid.squads.xyz
    description: Production server
security:
  - bearer_auth: []
tags:
  - name: accounts
    description: Smart account management operations
  - name: spending-limits
    description: Spending limit management
  - name: standing-orders
    description: Standing order operations
  - name: transactions
    description: Transaction management
  - name: trade
    description: Trade operations and management
  - name: payments
    description: Payment intent operations
  - name: passkeys
    description: Passkey management
  - name: kyc
    description: Know Your Customer operations
  - name: external-accounts
    description: External bank account management
  - name: virtual-accounts
    description: Virtual account management
  - name: auth
    description: Authentication operations
  - name: proposals
    description: Proposal management for multi-sig operations
  - name: compliance
    description: Compliance entity management and KYB/KYC operations
paths:
  /api/grid/v1/auth/verify:
    post:
      tags:
        - auth
      summary: Verify OTP and complete authentication
      description: Complete the authentication process by verifying the OTP code
      operationId: handler
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthVerifyOtpRequestPayload'
        required: true
      responses:
        '200':
          description: Authentication successful
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthVerifyOtpResponsePayload'
        '400':
          description: Invalid OTP code
        '404':
          description: User not found
        '500':
          description: Internal server error
      security:
        - bearer_auth: []
components:
  schemas:
    AuthVerifyOtpRequestPayload:
      type: object
      required:
        - email
        - otp_code
        - kms_provider
        - kms_provider_config
      properties:
        email:
          type: string
        kms_provider:
          $ref: '#/components/schemas/GridMPCProvider'
        kms_provider_config:
          $ref: '#/components/schemas/KmsProviderConfig'
        otp_code:
          type: string
        smart_account_address:
          type:
            - string
            - 'null'
    AuthVerifyOtpResponsePayload:
      type: object
      required:
        - address
        - policies
        - grid_user_id
        - authentication
      properties:
        address:
          type: string
        authentication:
          type: array
          items:
            $ref: '#/components/schemas/AuthenticationProvider'
        grid_user_id:
          type: string
          format: uuid
        policies:
          $ref: '#/components/schemas/AccountPolicies'
    GridMPCProvider:
      type: string
      enum:
        - privy
        - dynamic
        - passkey
        - turnkey
        - external
    KmsProviderConfig:
      oneOf:
        - $ref: '#/components/schemas/TurnkeyKmsProviderConfig'
        - $ref: '#/components/schemas/PrivyKmsProviderConfig'
    AuthenticationProvider:
      type: object
      required:
        - provider
        - session
      properties:
        provider:
          $ref: '#/components/schemas/GridMPCProvider'
        session:
          $ref: '#/components/schemas/Session'
    AccountPolicies:
      type: object
      required:
        - signers
        - threshold
      properties:
        admin_address:
          type:
            - string
            - 'null'
        signers:
          type: array
          items:
            $ref: '#/components/schemas/AccountSigner'
        threshold:
          type: integer
          format: int32
          minimum: 0
        time_lock:
          type:
            - integer
            - 'null'
          format: int32
          minimum: 0
    TurnkeyKmsProviderConfig:
      type: object
      required:
        - encryption_public_key
        - otp_id
      properties:
        encryption_public_key:
          type: string
        otp_id:
          type: string
      additionalProperties: false
    PrivyKmsProviderConfig:
      type: object
      properties:
        encryption_public_key:
          type:
            - string
            - 'null'
      additionalProperties: false
    Session:
      oneOf:
        - type: object
          required:
            - Privy
          properties:
            Privy:
              $ref: '#/components/schemas/PrivySession'
        - type: object
          required:
            - Turnkey
          properties:
            Turnkey:
              $ref: '#/components/schemas/TurnkeySession'
        - type: object
          required:
            - Passkey
          properties:
            Passkey:
              $ref: '#/components/schemas/PasskeySession'
    AccountSigner:
      type: object
      required:
        - address
        - role
        - permissions
      properties:
        address:
          type: string
        permissions:
          type: array
          items:
            $ref: '#/components/schemas/Permission'
        provider:
          $ref: '#/components/schemas/GridMPCProvider'
        role:
          $ref: '#/components/schemas/GridSignerRole'
    PrivySession:
      type: object
      required:
        - user_id
        - session
        - token
        - privy_access_token
        - refresh_token
      properties:
        privy_access_token:
          type: string
        refresh_token:
          type: string
        session:
          $ref: '#/components/schemas/AuthenticateResponse'
        token:
          type: string
        user_id:
          type: string
    TurnkeySession:
      type: object
      required:
        - user_id
        - api_key_id
        - credential_bundle
      properties:
        api_key_id:
          type: string
        credential_bundle:
          type: string
        user_id:
          type: string
    PasskeySession:
      type: object
      required:
        - passkey_account
        - pubkey
        - relying_party_id
        - session_key
      properties:
        passkey_account:
          type: string
        pubkey:
          type: string
        relying_party_id:
          type: string
        session_key:
          $ref: '#/components/schemas/SessionKey'
    Permission:
      type: string
      enum:
        - CAN_INITIATE
        - CAN_VOTE
        - CAN_EXECUTE
    GridSignerRole:
      type: string
      enum:
        - primary
        - backup
    AuthenticateResponse:
      type: object
      required:
        - expires_at
        - wallets
      properties:
        authorization_key:
          type:
            - string
            - 'null'
        encrypted_authorization_key:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/EncryptedAuthorizationKey'
        expires_at:
          type: integer
          format: int64
          minimum: 0
        wallets:
          type: array
          items:
            $ref: '#/components/schemas/Wallet'
    SessionKey:
      type: object
      description: >-
        Grid v1 API SessionKey type that supports backward-compatible
        deserialization

        from both raw bytes array (old format) and base58 string (new format).

        Always serializes to base58 string format.
      required:
        - key
        - expiration
      properties:
        expiration:
          type: integer
          format: int64
          minimum: 0
        key:
          type: string
          example: '11111111111111111111111111111111'
    EncryptedAuthorizationKey:
      type: object
      required:
        - encryption_type
        - encapsulated_key
        - ciphertext
      properties:
        ciphertext:
          type: string
        encapsulated_key:
          type: string
        encryption_type:
          type: string
    Wallet:
      type: object
      required:
        - id
        - address
        - created_at
        - chain_type
        - policy_ids
        - additional_signers
      properties:
        additional_signers:
          type: array
          items:
            $ref: '#/components/schemas/AdditionalSigner'
        address:
          type: string
        chain_type:
          $ref: '#/components/schemas/WalletChainType'
        created_at:
          type: integer
          format: int64
          minimum: 0
        exported_at:
          type:
            - integer
            - 'null'
          format: int64
          minimum: 0
        id:
          type: string
        imported_at:
          type:
            - integer
            - 'null'
          format: int64
          minimum: 0
        owner_id:
          type:
            - string
            - 'null'
        policy_ids:
          type: array
          items:
            type: string
        public_key:
          type:
            - string
            - 'null'
    AdditionalSigner:
      type: object
      required:
        - signer_id
      properties:
        override_policy_ids:
          type: array
          items:
            type: string
          nullable: true
        signer_id:
          type: string
    WalletChainType:
      type: string
      enum:
        - solana
        - ethereum
        - cosmos
        - stellar
        - sui
        - tron
        - bitcoin-segwit
  securitySchemes:
    bearer_auth:
      type: http
      scheme: bearer
      description: Your Grid API key from the Grid Dashboard

````