> ## Documentation Index > Fetch the complete documentation index at: https://help-loyalife.xoxoday.com/llms.txt > Use this file to discover all available pages before exploring further. # Verify OTP by Relation Reference > Validate a LOGIN OTP using the member's RelationReference. Completes the OTP verification for a member identified by their `RelationReference`. This is the second and final step of the CID-based OTP flow — call this after [Generate OTP by Relation Reference](/api-reference/otp/generate-otp-by-relation) has dispatched the code. The `OtpType` must match exactly what was used in the generate call; a mismatch will result in a failed verification even if the numeric code is correct. OTP expiry duration and maximum attempt limits are **configurable at the program level** in Loyalife Admin — confirm these values with your Xoxoday implementation contact. ## Responses | Path | Type | Description | | -------------------------- | ------- | --------------------------------- | | `results.IsSucessful` | boolean | `true` | | `results.ErrorCode` | string | `000` | | `results.ExceptionMessage` | string | `Success` | | `results.ReturnObject` | boolean | `true` on successful verification | ## OpenAPI ````yaml POST /lbms-ingress/member/api/Member/VerifyOTPByRelationReference openapi: 3.1.0 info: title: Loyalife LBMS API description: >- REST API for Loyalife's Loyalty Management System. Covers member management, OTP authentication, loyalty transactions, and points redemption. version: 1.0.0 contact: name: Xoxoday Support email: support@xoxoday.com servers: - url: https://loyalife-api.xoxoday.in description: Production security: - bearerAuth: [] paths: /lbms-ingress/member/api/Member/VerifyOTPByRelationReference: post: tags: - OTP summary: Verify OTP by Relation Reference description: Validate a LOGIN OTP using the member's RelationReference. operationId: verifyOtpByRelationReference requestBody: required: true content: application/json: schema: type: object required: - UniquerefID - OTP - DestinationAddress - Destination - OtpType - ProgramId - RelationType properties: UniquerefID: type: string description: The member's RelationReference (CID) example: jane.doe@example.com OTP: type: integer example: 123456 DestinationAddress: type: string example: 192.168.1.1 Destination: type: string enum: - Web - Mobile example: Web OtpType: $ref: '#/components/schemas/OtpType' enum: - ACTIVATION - LOGIN - FORGOTPWD - CHANGEPASSWORD - RESETPASSWORD - FORGOTUSERNAME - TwoFA - UNBLOCKMEMBER - NONE - CASHBACKCONFIRM - POINTTRANSFERCONFIRM - FAMILYPOOLINGMERGE - FAMILYPOOLINGUNMERGE - AIRREVIEWNCONFIRM - DOMESTICFLIGHTREVIEWNCONFIRM - HOTELREVIEWNCONFIRM - CARREVIEWNCONFIRM - GIFTCARDREVIEWNCONFIRM - PACKAGEREVIEWNCONFIRM - SHOPREVIEWNCONFIRM - SHOPDIGITALREVIEWNCONFIRM - MERCHANTREVIEWNCONFIRM - ISPREVIEWNCONFIRM - INSURANCEREVIEWNCONFIRM description: >- Purpose of the OTP. Must match between Generate and Verify calls. example: LOGIN ProgramId: type: integer example: 19 RelationType: type: integer example: 4 example: UniquerefID: jane.doe@example.com OTP: 123456 DestinationAddress: 192.168.1.1 Destination: Web OtpType: LOGIN ProgramId: 19 RelationType: 4 responses: '200': description: OTP verified content: application/json: example: results: IsSucessful: true ErrorCode: '000' ExceptionMessage: Success ReturnObject: true components: schemas: OtpType: type: string enum: - LOGIN - FORGOTPWD - ACTIVATION - CHANGEPASSWORD - RESETPASSWORD - TwoFA - REGISTRATION - PROFILEUPDATE example: LOGIN securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT description: >- JWT obtained from Generate Auth Token. Pass as `Authorization: bearer {token}`. ````