diff --git a/users/tests.py b/users/tests.py
index 0ed3ca63..981d247e 100644
--- a/users/tests.py
+++ b/users/tests.py
@@ -28,6 +28,18 @@ def test_guest_can_request_for_otp(self):
 otp_exists = OneTimePassword.objects.filter(mobile=self.user.mobile).exists()
 self.assertTrue(otp_exists)
 
+ def test_verifying_otp_fails_when_otp_not_passed(self):
+ # check whether otp param is passed
+ response = self.client.post(reverse("verify-otp"), {"mobile": self.user.mobile})
+ self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+ self.assertEqual(response.data["detail"], "otp not provided")
+
+ def test_verifying_otp_fails_when_mobile_not_passed(self):
+ # check whether mobile param is passed
+ response = self.client.post(reverse("verify-otp"))
+ self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+ self.assertEqual(response.data["detail"], "mobile not provided")
+
 def test_invalid_otp_should_fail(self):
 # request otp
 self.client.post(reverse("request-otp"), {"mobile": self.user.mobile})
diff --git a/users/views.py b/users/views.py
index 441b8396..89ead555 100644
--- a/users/views.py
+++ b/users/views.py
@@ -180,6 +180,13 @@ def request_otp(request):
 @api_view(["POST"])
 @permission_classes([AllowAny])
 def verify_otp(request):
+
+ for key in ["mobile", "otp"]:
+ if key not in request.data:
+ return Response(
+ {"detail": f"{key} not provided"},
+ status=status.HTTP_400_BAD_REQUEST,
+ )
 mobile = request.data["mobile"]
 otp = request.data["otp"]
 try:
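Review bot: `test_verifying_otp_fails_when_mobile_not_passed` posts an empty body, so both keys are absent and the asserted message "mobile not provided" only holds while the view checks `mobile` before `otp`. Sending the other field isolates the case: `response = self.client.post(reverse("verify-otp"), {"otp": "000000"})` (constructed value). Neither new test covers a key that is present but empty, which the presence check added in `users/views.py` would accept. A case posting `{"mobile": self.user.mobile, "otp": ""}` would pin the intended behaviour.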
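Review bot: The new loop in `verify_otp` only checks that the keys exist, so an empty string or a null value from a JSON body still passes and reaches `mobile = request.data["mobile"]` and the lookup under `try:`. Treating empty values as missing closes that gap with one change: `if not request.data.get(key):`. The rest of `verify_otp` lies outside the hunk, so it is not visible whether failed attempts are counted or throttled. Because the view is `AllowAny` and an OTP is a short code, a per-mobile attempt limit (for example DRF's `@throttle_classes`) is worth confirming before merge.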