Security codes are only valid for 15 minutes after being generated and can only be verified from the same API key pair.
This endpoint is rate limited at 1 request per second however for short verification codes additional brute-force protection can also be enable using the 'limit-by' option.
The security code to verify
If set then enable additional brute-force protection by limiting the number of attempts by the supplied value. This can be set to any unique identifier you would like to limit by, for example a hash of the users email, phone number or IP address. Requests to this API will be ignored after approximately 10 failed verification attempts