Email OTP

Start email OTP enrollment

POST https://api.authsignal.com/v1/client/user-authenticators/email-otp

Use this endpoint to start a challenge to enroll a new email OTP authenticator for a given email address.

Request

• emailstring

  The user's email address.

Response

• userAuthenticatorIdstring

  The ID of the email OTP authenticator which has been created but not yet verified.

Start email OTP challenge

Use this endpoint to start a challenge when the user is already enrolled with at least one email OTP authenticator.

POST https://api.authsignal.com/v1/client/challenge/email-otp

Request

• userAuthenticatorIdstring | undefined

  The ID of the email OTP authenticator to use. Only required if the user has multiple email OTP authenticators and you want to target a specific one.

Verify email OTP challenge

POST https://api.authsignal.com/v1/client/verify/email-otp

Use this endpoint to verify a challenge when enrolling a new email OTP authenticator or when re-authenticating with an existing email OTP authenticator.

Request

• verificationCodestring

  The OTP code inputted by the user.

Response

• isVerifiedboolean

  True if the inputted OTP code matches the code which was sent.

• accessTokenstring | undefined

  A new short-term token with scopes to manage authenticators (e.g. add secondary authenticators, remove authenticators, view or regenerate recovery codes). Only present if the challenge succeeded.

• failureReasonstring | undefined

  One of the following values: CODE_INVALID_OR_EXPIRED, MAX_ATTEMPTS_EXCEEDED.