Skip to main content

POST /api/auth/verify-email/:token

Verifies a user’s email address using the token sent during registration. This endpoint is idempotent—multiple requests with the same valid token will succeed.

Path parameters

token
string
required
Email verification token sent to the user’s email address (32-character hexadecimal string)

Response

success
boolean
Indicates if the verification was successful
message
string
Human-readable response message

Status codes

  • 200 - Email verified successfully (or already verified)
  • 400 - Invalid or expired verification token
  • 500 - Internal server error
This endpoint is idempotent. If the email is already verified, the request will still return success, allowing users to click verification links multiple times without errors.
Verification tokens do not expire but are tied to specific users. Each user has only one valid verification token at a time.

Examples

curl -X POST https://api.campusbite.com/api/auth/verify-email/a3f2e1b9c8d7e6f5a4b3c2d1e0f9a8b7c6d5e4f3a2b1c0d9e8f7a6b5c4d3e2f1

Success response (200)

{
  "success": true,
  "message": "Email verified successfully. You can now log in."
}

Success response for already verified email (200)

{
  "success": true,
  "message": "Email already verified. You can log in."
}

Error response (400)

{
  "success": false,
  "message": "Invalid or expired verification token."
}

Error response (400) - Missing token

{
  "success": false,
  "message": "Verification token is required."
}

Build docs developers (and LLMs) love

Get started for freeTalk to us