Skip to main content
POST
/
pep
/
verify-access
Verify OTP for PEP account access
curl --request POST \
  --url https://olive-gateway-a6ba.onrender.com/api/v1/pep/verify-access \
  --header 'Authorization: <api-key>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "otp_code": "<string>",
  "subscriber_id": "<string>"
}
'
{}

​
Verify PEP Access

Verify the 6-digit OTP and grant temporary access to PEP account data.

​
Endpoint

POST /api/v1/pep/verify-access

​
Authentication

​
Authorization
string
required
Bearer token (Admin JWT with pep_access_authorized: true)

​
Request Body

​
subscriber_id
string
required
PEP subscriber UUID
​
otp_code
string
required
6-digit OTP code received

​
Response

{
  "success": true,
  "message": "Access granted"
}

​
Security Notes

  • OTP verification is required for each session
  • Access is time-limited
  • All access attempts are logged for audit
  • IP address and user agent are recorded

​
Errors

CodeDescription
400Invalid OTP or expired
401User not authenticated
403Not authorized for PEP access
500Internal server error

Authorizations

​
Authorization
string
header
required

API Key for third-party integrations (WhatsApp, Smart PAY, VULT). Format: 'Bearer olive_live_xxxxxxxxxxxxx'

Body

application/json

OTP verification

​
otp_code
string
required
​
subscriber_id
string
required

Response

Access granted

The response is of type object.