Thaaigroup Verify
Email OTP Verification
Login Get API Keys

Documentation

This guide explains how to integrate Thaaigroup Verify into your application to securely verify user email addresses using OTPs. All OTP emails are sent from our trusted infrastructure.

What is Thaaigroup Verify?

Thaaigroup Verify is a centralized email OTP verification service. Your application calls our APIs to send and verify OTPs — you do not manage email servers, SMTP, or abuse protection.

  • Email OTP for signup and login
  • Domain allowlist and rate limits
  • Monthly quota per project
  • Simple REST APIs

Verification Flow

  1. User enters email on your website/app
  2. Your backend calls /api/otp/send
  3. User receives OTP email from Thaaigroup Verify
  4. User enters OTP
  5. Your backend calls /api/otp/verify
  6. Create user account only after successful verification

Prerequisites

  • Create a developer account
  • Create a project in dashboard
  • Generate Client ID and Client Secret
  • Add your website domain to allowlist

Authentication

All API requests must be sent from your backend with the following headers:

X-Client-Id: YOUR_CLIENT_ID X-Client-Secret: YOUR_CLIENT_SECRET X-Client-Domain: yourdomain.com

Do not expose these keys in frontend JavaScript.

Send OTP

Endpoint:

POST https://account.thaaigroup.com/api/otp/send

Request body:

{ "email": "user@example.com", "purpose": "signup" }

Success response:

{ "ok": true, "message": "OTP sent", "expires_in": 300, "cooldown": 60 }

Verify OTP

POST https://account.thaaigroup.com/api/otp/verify
{ "email": "user@example.com", "otp": "123456", "purpose": "signup" }
{ "ok": true, "verified": true }

Laravel Integration Example

Add to .env:

VERIFY_CLIENT_ID=xxxx VERIFY_CLIENT_SECRET=xxxx VERIFY_DOMAIN=yourdomain.com

Controller example:

$response = Http::withHeaders([ 'X-Client-Id' => config('services.verify.client_id'), 'X-Client-Secret' => config('services.verify.client_secret'), 'X-Client-Domain' => config('services.verify.domain'), ])->post('https://account.thaaigroup.com/api/otp/send', [ 'email' => $request->email, 'purpose' => 'signup' ]); return $response->json();

Common Error Codes

  • QUOTA_EXCEEDED – Monthly limit reached
  • RATE_LIMITED – Too many requests
  • RESEND_COOLDOWN – Wait before requesting again
  • OTP_INVALID – Incorrect or expired OTP

Security Notes

  • Always call APIs from backend
  • Never expose client secret
  • Create users only after OTP verification
  • OTP expires automatically