Update script to send user_id in verify request

The verify endpoint is now public and doesn't require API key.
Instead it takes user_id and verification_code in the request body.

Changes:
- Removed X-API-Key header from verify request
- Added user_id to request body
- Endpoint returns API key after successful verification

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

deploy-to-apps.example.sh

@@ -372,11 +372,10 @@ else
     echo ""
     echo "🔐 Verifying email..."
 
-    # Verify email
+    # Verify email (public endpoint - no API key needed)
     VERIFY_RESPONSE=$(curl -s -X POST "${SAAC_API}/users/verify" \
-        -H "X-API-Key: ${SAAC_API_KEY}" \
         -H "Content-Type: application/json" \
-        -d "{\"verification_code\":\"$VERIFY_CODE\"}")
+        -d "{\"user_id\":\"$USER_ID\",\"verification_code\":\"$VERIFY_CODE\"}")
 
     # Check if verified
     if echo "$VERIFY_RESPONSE" | grep -q '"verified":true'; then
@@ -433,11 +432,10 @@ if [ "$VERIFIED" != "true" ]; then
     echo ""
     echo "🔐 Verifying email..."
 
-    # Verify email
+    # Verify email (public endpoint - no API key needed)
     VERIFY_RESPONSE=$(curl -s -X POST "${SAAC_API}/users/verify" \
-        -H "X-API-Key: ${SAAC_API_KEY}" \
         -H "Content-Type: application/json" \
-        -d "{\"verification_code\":\"$VERIFY_CODE\"}")
+        -d "{\"user_id\":\"$USER_ID\",\"verification_code\":\"$VERIFY_CODE\"}")
 
     # Check if verified
     if echo "$VERIFY_RESPONSE" | grep -q '"verified":true'; then