Skip to main content

Overview

This guide will walk you through sending your first OTP and verifying it. You’ll learn the basic workflow that powers all OTP verification in your applications.

Step 1: Get Your API Key

1

Sign up for an account

Go to app.easyotp.dev/signup and create your account.
2

Navigate to API Keys

Once logged in, go to the API Keys section in your dashboard.
3

Create a new API key

Click “Create API Key” and give it a descriptive name. Copy and save your key securely.
Store your API key securely! It provides access to your account and cannot be retrieved after creation.

Step 2: Send Your First OTP

Choose your preferred method: 
curl -X POST https://app.easyotp.dev/api/v1/send \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "channel": "sms",
    "recipient": "+1234567890",
    "message": "Your verification code is: {code}",
    "expires_in": 300
  }'

Response

{
  "success": true,
  "verification_id": "11f951d5-32d1-4b49-bdda-7da248e2615c",
  "expires_at": "2024-01-01T12:05:00.000Z",
  "request_id": "7b4d6022-7260-4568-b6b7-29c366c47bbc"
}
Save the verification_id - you’ll need it to verify the code.

Step 3: Verify the Code

When your user enters the code they received, verify it: 
curl -X POST https://app.easyotp.dev/api/v1/verify \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "verification_id": "11f951d5-32d1-4b49-bdda-7da248e2615c",
    "code": "123456"
  }'

Response

{
  "success": true,
  "verified": true,
  "message": "Code verified successfully",
  "request_id": "7b4d6022-7260-4568-b6b7-29c366c47bbc"
}

Understanding Channels

EasyOTP supports three channels:

SMS

Send codes via text message. Recipient must be a valid E.164 phone number (e.g., +1234567890).

Email

Send codes via email. Supports custom subject lines for better branding.

Voice

Deliver codes via automated voice call. Great for accessibility and international users.

Next Steps

JavaScript SDK

Use our official JavaScript SDK

Python SDK

Use our official Python SDK

API Reference

Explore the complete API documentation

View Logs

Monitor your API usage and debug issues

Manage Credits

Add credits to your account

Get Support

Need help? Contact our support team

Best Practices

Keep verification IDs associated with user sessions server-side. Never expose them in URLs or client-side code.
Use shorter expiration times (2-5 minutes) for sensitive operations. Longer times (10-15 minutes) are acceptable for email verification.
Include your brand name and make messages clear. Good: “Your Acme Corp verification code is: ”. Bad: "".
Always check the response status and handle errors. Provide clear feedback to users when codes expire or are invalid.
Limit how many codes users can request in a time period to prevent abuse and reduce costs.