Attempt a one-time password verification.

Attempt a one-time password verification.

A verification may only be attempted if the state is PENDING.

NB: Once a verification's state has changed from PENDING, it will cease to exist after a given time.

NB: When the query parameter 'returnJwt' is included and set to 'true', the response will change from a 204 with no content to a 200 with a JSON body. This body will contain an assertion in the form of a JWT, which serves as cryptographic proof of the factor performed. The format of the response body is:
{
    "assertion": "ey..."
}
The 'returnJwt' feature only operates if the entitlement 'authnAnyUser' is not present.

Entitlements:
- authnAnyUser (Authenticate any user)
- authn (Authenticate self)