I’m integrating Authy for one-time password delivery but the current implementation is returning authentication / authorization errors and, oddly, the OTP codes never reach the Authy portal. What I need: • Pin-point and eliminate the Authy error messages, proving that both send and verify calls work reliably. • Review my existing REST endpoints to be sure the full login–verification flow is clean, well-structured and properly secured. • Hand back concise notes (or quick comments in the code) so I understand any key changes—API keys, headers, callback URLs, rate limits, etc. Acceptance is simple: a test run that shows a new user registering, receiving the OTP, and successfully verifying without any Authy error in the response.