# Validation

Phone number validation operations

## Verify HMAC proof

 - [POST /v1/verify-proof](https://api-ref.smsmanager.com/openapi/cs/verify/verifyapi_v1/validation/verifyproof.md): Verifies an HMAC proof for phone validation without storing any state.
This endpoint is useful for backend verification when you have all the validation data
but want SMS Manager to verify the HMAC calculation.

This endpoint not requires authentication - proof itself is the authentication.

All of these data are returned by the /v1/validations endpoint.

Note: This only works for accounts with a verificationSecret configured.

## Start phone validation

 - [POST /v1/validations](https://api-ref.smsmanager.com/openapi/cs/verify/verifyapi_v1/validation/startvalidation.md): Initiates a new phone number validation by sending an message with a verification code.
Returns a validation token that must be used for subsequent verification.

## Verify code

 - [POST /v1/validations/{token}/verify](https://api-ref.smsmanager.com/openapi/cs/verify/verifyapi_v1/validation/verifycode.md): Verifies the code entered by the user. On successful verification, returns all data needed
for backend verification including the phone number, token, code, timestamp, and HMAC proof 
(if account has verificationSecret configured).

The number of attempts is limited based on account configuration (default: 6).

## Verify proof (optional)

 - [PATCH /v1/validations/{token}](https://api-ref.smsmanager.com/openapi/cs/verify/verifyapi_v1/validation/verifyproof.md): Optional endpoint to verify a proof hash from a previous successful validation.
This can be used to confirm that a validation was completed successfully.