The Verify 2FA Phone Code API can be used to verify that a verification code entered by a user matches the code that was sent to them from the send 2FA SMS phone code process.
If this step is completed successfully, the
isMfaIncomplete response header field will be updated (within the x-digifi-account JSON base64 string).
Please note the following validations:
- The accountAccessToken should be valid (real, not expired)
- One attempt only. If the first attempt fails the code will be deleted and you will need to use the Send 2FA SMS Phone Code API again
- MFA should be incomplete (not passed)
This API uses only headers (no JSON body is required).