Level 88
Well the steps are still the same right. You register a user and you send them an email. They verify the email and that's it. You can't let them verify using the api, because that wouldn't make sense. So the process is still the same!
In Laravel you only have to fire of the Registered event and the email should be send by default.
// Controller
public function register(Request $request)
{
$user = User::create($request->all());
event(new \Illuminate\Auth«Events\Registered($user));
return response()->json([], 201);
}
Make sure that you protect all the other routes from being accessed if the user hasn't verified their email yet. That should do it!