Appearance
Overview
The OTP module manages One-Time Password operations for secure verification and authentication. OTPs can be sent via email or SMS and are used in various authentication flows such as password reset and sign-in.
Endpoints
Each endpoint represents a specific OTP operation.
| Method | Endpoint | Description | Auth |
|---|---|---|---|
POST | /otp/create | Create and send OTP | Tenant |
POST | /otp/verify | Verify OTP code | Tenant |
POST | /otp/resend | Resend OTP | Tenant |
POST | /otp/cancel | Cancel active OTP | Tenant |
OTP Methods
The OTP module supports multiple delivery methods for sending OTPs to users.
Email
The email method sends OTPs to the user's registered email address. This method requires a valid email address and is commonly used for password reset flows, email verification, and email-based sign-in. The user must have access to the email inbox to receive and use the OTP code.
SMS
The sms method sends OTPs to the user's registered phone number via SMS. This method requires a valid phone number and is commonly used for phone verification and phone-based sign-in. The user must have access to the phone number to receive and use the OTP code.
Staging Environment
In the staging environment, OTP codes are not sent via email or SMS. Instead, they are shared in the webmixhub-otp Slack channel for testing purposes.