Verify user email
Use this when the user has read back the 6-digit code from their email and you want to upgrade the user-key to full scope.
Validates the 6-digit code (3 attempts max), upgrades the bootstrap user-key from restricted to full scope (same key — no rotation), flips agentBootstrapped→false + verificationStatus→verified, fires the user.verified webhook stub. Cross-tenant/wrong-id → 404 leak-less.
Authorizations
Marea API key. mk_dev_* keys are developer-scoped (bootstrap, list users, register webhook). mk_user_* keys are user-scoped (manage that one user's storefronts/products). Scopes: catalog:read, catalog:write, storefront:publish, me:verify, me:resendVerification, developer:bootstrap, developer:read, developer:issueUserKey, developer:webhooks.
Headers
Optional client-supplied key. Replays of the same key within 24h return the original response. Recommended for POSTs that mutate billing/inventory.
200"idem_b2a9f5b9-3e0c-4a5e-b3c2-7a4ce85a6b21"
BCP-47 locale tag for localized error messages (es, en, pt). Defaults to es.
"es-MX"
Path Parameters
Body
Request body.
^\d{6}$