1. Log in to the Kuika platform.
2. Select the project you want to work on from the Apps screen.
3. Go to the UI Design module.
4. Open the Properties panel on the right side.

5. Select the relevant component (e.g. ‘Verify’ button).
6. + ADD ACTION menu, add the Authorisation > Is Verification Code action according to the desired trigger event (Initial Actions, OnClick, OnBlur, etc.).
7. Define the following parameter:

• Verification Code (String - Required): The verification code entered by the user. It is usually taken from an input field.
• It is usually defined using data sources such as Action Result, Current, Form Component, Screen Input or Fixed, and can be linked via the Symbol Picker tool.

8. Sending the Verification Code (API or Backend)

How the verification code is sent:

• The verification code is usually sent to the user via SMS or email beforehand.
• This process is typically configured as a separate action that runs when the user clicks the ‘Send Code’ button.

Example scenario for sending the code:

• Add an OnClick action to the ‘Send Code’ button.
• This action allows you to send the verification code to the backend with a Service Call (e.g. POST /send-verification-code).
• The user's phone number or email address is sent to the backend in the Request Body.
• The backend generates and sends the verification code for this user.

9. After completing the configuration, click the SAVE button.

A user wants to reset their password and is sent a verification code. When the user enters this code in the appropriate field and clicks the ‘Verify’ button, the system must check whether the code is valid.

Application Flow:

• Element: Verify button
• Trigger: OnClick
• Action: Authorisation → Is Verification Code Valid
• Parameter:
  
  • Verification Code

Post-Action Usage:

• If the code is valid, the user is redirected to the screen to set a new password (Navigate action).
• If the code is invalid, an error message is displayed to the user with the Notify action.

• Conditional Redirection: The code verification result can be processed with an If Then Else structure to perform different actions based on valid/invalid codes.
• Dynamic Code Source: The code can be verified by retrieving it from different sources (e.g. SMS, email, in-app message).
• One-Time Codes: The code can be generated by the system to be valid only once.
• Time Limit Warning: When the code expires, the user can be offered the option to request a new code.

Technical Risks and Controls

• Code Format Check: The user accidentally entering spaces or invalid characters can cause errors. Pre-entry validation should be performed.
• Timeout: The validity period of the code should be well defined in the system and communicated to the user.
• Privacy: Codes should not be stored in plain text in the system and should be processed using secure algorithms.
• Incorrect Code Attempts: After a certain number of incorrect entries, the user should be temporarily blocked.

The Is Verification Code Valid action enables users to securely verify their identities. It provides an effective verification step without compromising the user experience in scenarios requiring advanced security. It plays a critical role in password reset, two-factor authentication, and registration processes.