Skip to content

docs(auth): fix /verify endpoint documentation to match validation logic#2381

Open
rajpohekar wants to merge 1 commit intosupabase:masterfrom
rajpohekar:fix-verify-docs
Open

docs(auth): fix /verify endpoint documentation to match validation logic#2381
rajpohekar wants to merge 1 commit intosupabase:masterfrom
rajpohekar:fix-verify-docs

Conversation

@rajpohekar
Copy link

@rajpohekar rajpohekar commented Feb 18, 2026

What changed

  • Updated POST /verify documentation to reflect actual validation rules
  • Documented the two supported verification flows:
    • token + email / phone
    • token_hash
  • Added missing request fields (email, phone, token_hash)
  • Corrected the list of supported type values
  • Added realistic request examples for email, SMS, and magic link verification
  • Clarified GET /verify behavior where token is treated as a token_hash

Why

The existing README described request payloads that do not match the current
validation logic in internal/api/verify.go, which results in confusing
validation_failed errors for users following the docs.

This PR aligns the documentation with the implementation without changing any
runtime behavior.

Scope

  • Documentation only
  • No API or behavior changes

@rajpohekar rajpohekar requested a review from a team as a code owner February 18, 2026 10:49
@coderabbitai
Copy link

coderabbitai bot commented Feb 18, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

📝 Walkthrough

Summary by CodeRabbit

  • Documentation
    • Enhanced API documentation for verification methods, clarifying distinct behaviors and requirements for POST and GET endpoints
    • Added explicit field requirements and validation rules with comprehensive examples
    • Included detailed verification flow sections for better endpoint understanding
    • Updated backward compatibility notes with improved wording

Walkthrough

The README.md documentation has been updated to clarify the POST /verify and GET /verify verification methods. The changes replace a previous multi-type description with two mutually exclusive verification approaches: one using token with email/phone fields, and another using token_hash. Updates include explicit field requirements, validation rules, a new magiclink token_hash example, inclusion of email in the POST /verify token payload, and adjustments to the GET /verify description noting that the token query parameter is treated as token_hash internally. Minor wording changes were also made to the backward compatibility note.

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rajpohekar