Skip to main content
POST
/
public
/
v1
/
submit
/
init_otp_auth

Authorizations

X-Stamp
string
required
Cryptographically signed (stamped) request to be passed in as a header. For more info, see here.

Body

type
enum<string>
required
Enum options: ACTIVITY_TYPE_INIT_OTP_AUTH_V3
timestampMs
string
required
Timestamp (in milliseconds) of the request, used to verify liveness of user requests.
organizationId
string
required
Unique identifier for a given Organization.
parameters
object
required

The parameters object containing the specific intent data for this activity.

generateAppProofs
boolean
Enable to have your activity generate and return App Proofs, enabling verifiability.

Response

A successful response returns the following fields:
activity
object
required
The activity object containing type, intent, and result
curl --request POST \
  --url https://api.turnkey.com/public/v1/submit/init_otp_auth \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --header "X-Stamp: <string> (see Authorizations)" \
  --data '{
    "type": "ACTIVITY_TYPE_INIT_OTP_AUTH_V3",
    "timestampMs": "<string> (e.g. 1746736509954)",
    "organizationId": "<string> (Your Organization ID)",
    "parameters": {
        "otpType": "<string>",
        "contact": "<string>",
        "otpLength": "<number>",
        "appName": "<string>",
        "emailCustomization": {
            "logoUrl": "<string>",
            "magicLinkTemplate": "<string>",
            "templateVariables": "<string>",
            "templateId": "<string>"
        },
        "smsCustomization": {
            "template": "<string>"
        },
        "userIdentifier": "<string>",
        "sendFromEmailAddress": "<string>",
        "alphanumeric": "<boolean>",
        "sendFromEmailSenderName": "<string>",
        "expirationSeconds": "<string>",
        "replyToEmailAddress": "<string>"
    }
}'
import { Turnkey } from "@turnkey/sdk-server";

const turnkeyClient = new Turnkey({
  apiBaseUrl: "https://api.turnkey.com",
  apiPublicKey: process.env.API_PUBLIC_KEY!,
  apiPrivateKey: process.env.API_PRIVATE_KEY!,
  defaultOrganizationId: process.env.ORGANIZATION_ID!,
});

const response = await turnkeyClient.apiClient().initOtpAuth({
  otpType: "<string> (Whether to send OTP via SMS or email. Possible values: OTP_TYPE_SMS, OTP_TYPE_EMAIL)",
  contact: "<string> (Email or phone number to send the OTP code to)",
  otpLength: 0 // Optional length of the OTP code. Default = 9,
  appName: "<string> (The name of the application. This field is required and will be used in email notifications if an email template is not provided.)",
  emailCustomization: { // emailCustomization field,
    logoUrl: "<string> (A URL pointing to a logo in PNG format. Note this logo will be resized to fit into 340px x 124px.)",
    magicLinkTemplate: "<string> (A template for the URL to be used in a magic link button, e.g. `https://dapp.xyz/%s`. The auth bundle will be interpolated into the `%s`.)",
    templateVariables: "<string> (JSON object containing key/value pairs to be used with custom templates.)",
    templateId: "<string> (Unique identifier for a given Email Template. If not specified, the default is the most recent Email Template.)",
  },
  smsCustomization: { // smsCustomization field,
    template: "<string> (Template containing references to .OtpCode i.e Your OTP is {{.OtpCode}})",
  },
  userIdentifier: "<string> (Optional client-generated user identifier to enable per-user rate limiting for SMS auth. We recommend using a hash of the client-side IP address.)",
  sendFromEmailAddress: "<string> (Optional custom email address from which to send the OTP email)",
  alphanumeric: true // Optional flag to specify if the OTP code should be alphanumeric (Crockford’s Base32). Default = true,
  sendFromEmailSenderName: "<string> (Optional custom sender name for use with sendFromEmailAddress; if left empty, will default to 'Notifications')",
  expirationSeconds: "<string> (Expiration window (in seconds) indicating how long the OTP is valid for. If not provided, a default of 5 minutes will be used. Maximum value is 600 seconds (10 minutes))",
  replyToEmailAddress: "<string> (Optional custom email address to use as reply-to)"
});
{
  "activity": {
    "id": "<activity-id>",
    "status": "ACTIVITY_STATUS_COMPLETED",
    "type": "ACTIVITY_TYPE_INIT_OTP_AUTH_V3",
    "organizationId": "<organization-id>",
    "timestampMs": "<timestamp> (e.g. 1746736509954)",
    "result": {
      "activity": {
        "id": "<string>",
        "organizationId": "<string>",
        "status": "<string>",
        "type": "<string>",
        "intent": {
          "initOtpAuthIntentV3": {
            "otpType": "<string>",
            "contact": "<string>",
            "otpLength": "<number>",
            "appName": "<string>",
            "emailCustomization": {
              "logoUrl": "<string>",
              "magicLinkTemplate": "<string>",
              "templateVariables": "<string>",
              "templateId": "<string>"
            },
            "smsCustomization": {
              "template": "<string>"
            },
            "userIdentifier": "<string>",
            "sendFromEmailAddress": "<string>",
            "alphanumeric": "<boolean>",
            "sendFromEmailSenderName": "<string>",
            "expirationSeconds": "<string>",
            "replyToEmailAddress": "<string>"
          }
        },
        "result": {
          "initOtpAuthResultV2": {
            "otpId": "<string>"
          }
        },
        "votes": "<array>",
        "fingerprint": "<string>",
        "canApprove": "<boolean>",
        "canReject": "<boolean>",
        "createdAt": "<string>",
        "updatedAt": "<string>"
      }
    }
  }
}