One-Time Passwords (OTP)
How to send a one time use code to a user's email or mobile phone number.
With the possession of a valid access token, it's possible to send a 6-digit numeric code, or a one-time password (OTP), to a user's email address or mobile phone number. That code can then be validated against that user's profile using the /otp/verify
endpoint.
About the
env_id
parameterAs with all Next Identity API calls, if your organization has a custom domain there is no need to pass an
env_id
.
OTP Send
The OTP code can be sent either via email or SMS. When using SMS, a message parameter can be included to define custom messaging. For example: Your one time use code is %code%
. It is necessary to include the %code%
in the message in order for the OTP code to be displayed.
curl --request POST \
--url 'https://id.eu.nextreason.com/idp/v1/otp/send?env_id=ENVIRONMENT_ID' \
--header 'Content-Type: application/json' \
--data '
{
"message": "Your one time use code is %code%",
"client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
"redirect_uri": "https://localhost.com",
"user_id": "+15417543010",
"auth_type": "sms",
"locale": "en-US"
}
'
For more information on the OTP Send endpoint, refer to the /otp/send
section in the API Reference guide.
OTP Verify
With the possession of a valid access token it is possible to verify the 6 digit numeric code sent via OTP verify.
REQUEST
curl --request POST \
--url 'https://id.eu.nextreason.com/idp/v1/otp/verify?env_id=ENVIRONMENT_ID' \
--header 'Content-Type: application/json' \
--data '
{
"code": "151121",
"client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
"user_id": "+15417543010",
"auth_type": "sms",
"locale": "en-US"
}
'
For more information on the OTP Verify endpoint, refer to the /otp/verify
section in the API Reference guide.
Updated 9 months ago