diff --git a/trifid-api/src/routes/v1/verify_totp_authenticator.rs b/trifid-api/src/routes/v1/verify_totp_authenticator.rs
index bdc0564..3aacd4c 100644
--- a/trifid-api/src/routes/v1/verify_totp_authenticator.rs
+++ b/trifid-api/src/routes/v1/verify_totp_authenticator.rs
@@ -39,7 +39,7 @@ pub struct VerifyTotpAuthenticatorResponse {
     pub metadata: VerifyTotpAuthenticatorResponseMetadata,
 }
 
-#[options("/v1/auth/verify-totp-authenticator")]
+#[options("/v1/verify-totp-authenticator")]
 pub async fn options() -> &'static str {
     ""
 }
@@ -52,7 +52,7 @@ pub async fn verify_totp_authenticator_request(req: Json<VerifyTotpAuthenticator
         Err(e) => return Err((Status::Unauthorized, format!("{{\"errors\":[{{\"code\":\"{}\",\"message\":\"{} - {}\"}}]}}", "ERR_UNAUTHORIZED", "this token is invalid", e)))
     };
     if !totpmachine.check_current(&req.0.code).unwrap() {
-        return Err((Status::Unauthorized, format!("{{\"errors\":[{{\"code\":\"{}\",\"message\":\"{}\",\"path\":\"totpToken\"}}]}}", "ERR_INVALID_TOTP_TOKEN", "TOTP token does not exist (maybe it expired?)")))
+        return Err((Status::Unauthorized, format!("{{\"errors\":[{{\"code\":\"{}\",\"message\":\"{}\",\"path\":\"totpToken\"}}]}}", "ERR_INVALID_TOTP_CODE", "Invalid TOTP code")))
     }
     match use_totp_token(req.0.totp_token, user.email, db.inner()).await {
         Ok(_) => (),