# Verify signup code and get OAuth tokens

Step 2 of headless account creation. Exchanges the signup_session_token and the 6-character verification code (sent via email) for OAuth access and refresh tokens.

Endpoint: POST /api/oauth/signup/verify
Version: 1.0.0

## Request fields (application/json):

  - `signup_session_token` (string, required)
    Token from POST /api/oauth/signup

  - `verification_code` (string, required)
    6-character alphanumeric code from the verification email

## Response 200 fields (application/json):

  - `access_token` (string)

  - `token_type` (string)
    Enum: "Bearer"

  - `expires_in` (number)

  - `refresh_token` (string)

  - `scope` (string)


## Response 400 fields

## Response 429 fields