OTP Verification
Generate and verify one-time passwords via SMS, WhatsApp, or Email.
Send 6-digit one-time passwords to your users for authentication, account verification, or transaction confirmation. OTP codes expire after 5 minutes and support up to 3 verification attempts. Available via SMS, WhatsApp, and Email channels.
Endpoints
| Method | Path | Permission |
|---|---|---|
POST | verify.use | |
POST | verify.use |
Send OTP
POST /api/v1/otp/send
Send an OTP code
Request body
| Field | Required | Description |
|---|---|---|
| to | Yes | E.164 phone number for SMS/WhatsApp, or email address for email channel. |
| channel | Yes | sms, whatsapp, or email |
| brand_name | No | Brand name included in the OTP message. Defaults to "Sendy". |
| locale | No | en or fr. Defaults to en. |
| reference | No | Free-form metadata string returned on verification. |
Response
{
"success": true,
"data": {
"otp_id": "550e8400-e29b-41d4-a716-446655440000",
"channel": "sms",
"to": "+324****56",
"expires_at": "2026-04-09T12:05:00.000Z",
"status": "sent"
}
}json
Rate limit: 5 OTP per hour per recipient.
Verify OTP
POST /api/v1/otp/verify
Verify an OTP code
Response (valid code)
{
"success": true,
"data": { "valid": true, "reference": "signup-user-42" }
}json
Response (invalid code)
{
"success": true,
"data": { "valid": false, "attempts_remaining": 2 }
}json
Error codes
404— OTP not found.410— OTP expired or already used.429— Max verification attempts reached.