diff --git a/src/auth/index.js b/src/auth/index.js
index d2afb1c1a..e0f35409d 100644
--- a/src/auth/index.js
+++ b/src/auth/index.js
@@ -193,6 +193,57 @@ AuthenticationClient.prototype.requestEmailCode = function(data, cb) {
return this.passwordless.sendEmail(data, cb);
};
+/**
+ * Verify the given OTP which was sent on the given email.
+ *
+ * @method verifyEmailCode
+ * @memberOf module:auth.AuthenticationClient.prototype
+ *
+ * @example
+ * Given the user credentials (`email` and `otp`), authenticates
+ * with the provider using the `/oauth/token` endpoint. Upon successful
+ * authentication, returns a JSON object containing the `access_token` and
+ * `id_token`.
+ *
+ *
+ * var data = {
+ * email: '{EMAIL}',
+ * otp: '{VERIFICATION_CODE}'
+ * };
+ *
+ * auth0.verifyEmailCode(data, function (err) {
+ * if (err) {
+ * // Handle error.
+ * }
+ * });
+ *
+ * @example
+ * The user data object has the following structure.
+ *
+ *
+ * {
+ * id_token: String,
+ * access_token: String,
+ * token_type: String
+ * }
+ *
+ * @param {Object} data Credentials object.
+ * @param {String} data.email Email.
+ * @param {String} data.otp Verification code.
+ * @param {Function} [cb] Method callback.
+ *
+ * @return {Promise|undefined}
+ */
+AuthenticationClient.prototype.verifyEmailCode = function(data, cb) {
+ var translatedData = {
+ username: data.email,
+ realm: 'email',
+ otp: data.otp
+ };
+
+ return this.passwordless.signIn(translatedData, cb);
+};
+
/**
* Start passwordless flow sending an SMS.
*
diff --git a/test/auth/authentication-client.tests.js b/test/auth/authentication-client.tests.js
index b02a9c1e6..4f0a744e9 100644
--- a/test/auth/authentication-client.tests.js
+++ b/test/auth/authentication-client.tests.js
@@ -221,4 +221,26 @@ describe('AuthenticationClient', function() {
this.client.verifySMSCode({ phone_number: '123', password: 'code' }, this.callback);
});
});
+
+ describe(`verifyEmailCode`, () => {
+ before(function() {
+ this.client = new AuthenticationClient({ token: 'token', domain: 'auth0.com' });
+ this.passwordlessMock = sinon.mock(this.client.passwordless);
+ this.callback = function() {};
+ });
+ it('should call signIn with otp if provided', function() {
+ this.passwordlessMock
+ .expects('signIn')
+ .once()
+ .withExactArgs(
+ {
+ username: '123',
+ realm: 'email',
+ otp: 'code'
+ },
+ this.callback
+ );
+ this.client.verifyEmailCode({ email: '123', otp: 'code' }, this.callback);
+ });
+ });
});