> ## Documentation Index
> Fetch the complete documentation index at: https://docs.streambird.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Verify Token

> Verify an internal OAuth token redirected to your application upon the completion of the OAuth flow. This token is generated by MoonKey and can be used to exchange for the authenticated user information and/or the original `access_token` and `refresh_token` of the idp providers that can be used directly with the external OAuth providers (e.g., Google, Apple, Microsoft, etc).
## Returns

A successful response returns `user_id`, `idp_session` property with data from the OAuth provider by default. `Session` object in `session` property if any of the `session_token`, `session_jwt`, or `session_expires_in` is valid.



## OpenAPI

````yaml post /v1/auth/oauth/verify
openapi: 3.1.0
info:
  title: MoonKey Auth API
  description: >-
    Explore all the details of MoonKey Auth API. All of our APIs are RESTful and
    accept and return JSON.
  version: v1
servers:
  - url: https://api.moonkey.fun
    description: Production
    variables: {}
security:
  - Authorization: []
tags:
  - name: Users
    description: User management API
  - name: Magic Links
    description: ''
  - name: OTPs
    description: >-
      Send OTP (One-time passcodes) by all the supported delivery methods such
      as SMS, email.
  - name: OAuth
    description: ''
  - name: Wallets Login
    description: ''
  - name: Managed Wallets
    description: ''
  - name: Wallet Import
    description: >-
      Import existing wallets into the platform using secure HPKE encryption.
      This flow ensures raw entropy (seed phrases or private keys) never touches
      the server in plaintext.
externalDocs:
  url: ''
  description: ''
paths:
  /v1/auth/oauth/verify:
    parameters: []
    post:
      tags:
        - OAuth
      summary: Verify Token
      description: >-
        Verify an internal OAuth token redirected to your application upon the
        completion of the OAuth flow. This token is generated by MoonKey and can
        be used to exchange for the authenticated user information and/or the
        original `access_token` and `refresh_token` of the idp providers that
        can be used directly with the external OAuth providers (e.g., Google,
        Apple, Microsoft, etc).

        ## Returns


        A successful response returns `user_id`, `idp_session` property with
        data from the OAuth provider by default. `Session` object in `session`
        property if any of the `session_token`, `session_jwt`, or
        `session_expires_in` is valid.
      operationId: VerifyOAuthToken
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/VerifyOAuthTokenRequest'
            examples:
              VerifyOAuthTokenReq:
                value:
                  token: >-
                    yRqkvNQVTwddlZV6D7S0ypSNpHlCbfYG4OAw3oUIVFFZ27UJ8R0xmRUQfNF59G9i
      responses:
        '200':
          description: Verify Token response
          content:
            application/json:
              schema:
                description: ''
                type: object
                properties:
                  provider_subject:
                    type: string
                    minLength: 1
                  provider:
                    type: string
                    minLength: 1
                  user_id:
                    type: string
                    minLength: 1
                  idp_session:
                    type: object
                    description: Returned if `session_type` with value `idp` is used.
                    required:
                      - idp
                    properties:
                      idp:
                        type: object
                        required:
                          - access_token
                          - refresh_token
                        properties:
                          access_token:
                            type: string
                            minLength: 1
                          refresh_token:
                            type: string
                            minLength: 1
                  session_token:
                    type: string
                    minLength: 1
                  session_jwt:
                    type: string
                  session:
                    $ref: '#/components/schemas/Session'
                required:
                  - provider_subject
                  - provider
                  - user_id
                  - idp_session
                  - session_token
                  - session
              examples:
                VerifyOAuthTokenResp:
                  value:
                    provider_subject: '100157402424066154830'
                    provider: google
                    user_id: user_24wFP9pDa9YiMJLun94iKykoZs2
                    idp_session:
                      idp:
                        access_token: >-
                          ya29.A0ARrdaM9TnNfrdqDZmBIw7PBPjYf0HELFdxDCNC2cQRK7aqgsIfIusuCd0SJ5nx9dgGti2KU-rt_dIV7cpxasqpCpRq7VNyv-KsbC2-cn6j76p_wVmUwCKlWZ_3ZHx8WFdlIrLu-E1q3Ea_11zfmQCwuwgBMl
                        refresh_token: >-
                          1//0d2jmQJmy0z17CgYIARAAGA0SNwF-L9IrF-jEvfwE-YNr_--Cqzu7MGnmtpLu0kklcFfgJzI2FSBib9_4wh1MAs4JKbAvue2XJoI
                    session: null
                    session_token: ''
components:
  schemas:
    VerifyOAuthTokenRequest:
      description: ''
      type: object
      properties:
        token:
          type: string
          minLength: 1
          description: >-
            `Required` OAuthToken provided to the login/signup redirect url to
            authenticate the OAuth session and exchange user info and idp
            `access_token` and `refresh_token`.
        session_expires_in:
          type: number
          description: >-
            Extend the session expiration time to N minutes from now, must be
            between 5 to 525600 minutes (365 days). This parameter will create a
            new session if there is no existing session along with a
            `session_token` and `session_jwt`. However, if a valid
            `session_token` or `session_jwt` is sent in, it will extend that
            session by the minutes specified. If not sent in and no valid
            `session_token` or `session_jwt` included, it will be ignored and no
            MoonKey session will be created by default.
        session_token:
          type: string
          minLength: 1
          description: Unique session token to verify.
        session_jwt:
          type: string
          description: Unique Session JWT to verify.
      required:
        - token
    Session:
      description: ''
      type: object
      x-examples:
        Session:
          id: sess_24tZ6tlJ7CxlTwB6Zoj6SHQ9vU3
          user_id: user_24wFP9pDa9YiMJLun94iKykoZs2
          session_token: 7hssInGtOjKGUh8w7T4NjgLIKKSw6UdZ8uOduBYmJzrtfV6GrNtaUYoGehRS6jBh
          started_at: 1643496805
          expires_at: 1643502805
          last_active_at: 1643496805
          factors:
            - delivery_channel: sms
              type: otp
              method:
                method_id: pn_24oXBLRv6BoHXbNZoTAZkAFlRsy
                method_type: phone_number
                phone_number_id: pn_24oXBLRv6BoHXbNZoTAZkAFlRsy
                phone_number: '+14152222222'
                last_verified_at: 1643496805
          device_fingerprint:
            user_agent: ''
            ip: 123.2.1.1
          updated_at: 1643496805
          created_at: 1643496805
      title: Session
      properties:
        id:
          type: string
          minLength: 1
        user_id:
          type: string
          minLength: 1
        session_token:
          type: string
          minLength: 1
        started_at:
          type: number
        expires_at:
          type: number
        last_active_at:
          type: number
        factors:
          type: array
          uniqueItems: true
          minItems: 1
          items:
            type: object
            properties:
              delivery_channel:
                type: string
                minLength: 1
                description: >-
                  Delivery channel for this factor. Possible values: sms, email,
                  totp_authenticator, totp_recovery_code, google_oauth,
                  apple_oauth, microsoft_oauth, discord_oauth, okta_oauth,
                  github_oauth, slack_oauth, facebook_oauth,
                  webauthn_credential, eth_wallet, sol_wallet.
              type:
                type: string
                minLength: 1
                description: >-
                  Authentication type of factor. Possible values: otp, oauth,
                  wallet, totp, webauthn.
              method:
                type: object
                required:
                  - method_id
                  - method_type
                  - last_verified_at
                properties:
                  id:
                    type: string
                  method_id:
                    type: string
                    minLength: 1
                  method_type:
                    type: string
                    minLength: 1
                    description: >-
                      Identifier method type. Possible values: email, wallet,
                      phone_number, webauthn.
                  last_verified_at:
                    type: number
                  phone_number_id:
                    type: string
                    minLength: 1
                  phone_number:
                    type: string
                    minLength: 1
                  email_id:
                    type: string
                  email:
                    type: string
                  wallet_type:
                    type: string
                  wallet_id:
                    type: string
                  wallet_public_address:
                    type: string
                  totp_id:
                    type: string
                  webauthn_credential_id:
                    type: string
                  provider_subject:
                    type: string
            required:
              - delivery_channel
              - type
              - method
        device_fingerprint:
          type: object
          required:
            - user_agent
            - ip
          properties:
            user_agent:
              type: string
            ip:
              type: string
              minLength: 1
        updated_at:
          type: number
        created_at:
          type: number
      required:
        - id
        - user_id
        - session_token
        - started_at
        - expires_at
        - last_active_at
        - factors
        - device_fingerprint
        - updated_at
        - created_at
  securitySchemes:
    Authorization:
      type: http
      scheme: bearer
      description: >-
        Auth Platform API includes all the Auth related features. All Users,
        Phone Numbers, Emails, and OTPs are associated with an `App` as the
        container.


        Endpoints only accept App's `Secret API keys` other than certain
        endpoints that are used client side or via SDK that accept the
        `public_token`.


        ## Authentication using App Api Key


        ## Header:


        ```

        Authorization: Bearer {api_key}

        ```


        ## Authenticated Request


        ```curl

        curl \
          -X GET https://api.moonkey.fun/v1/auth/users/user_24wFP9pDa9YiMJLun94iKykoZs2 \
          -H "Authorization: Bearer sk_test_pRqweh3wvWmJAAVYv7Z0T5iPLzFM4ql0muoyQcjOxGeN3p1r"
        ```

````