Login with OTP
Login with OTP allow users to login with OTP (Password less login) received over their mobile number which makes it more convenient to login.
Implementation of Login with OTP via Bridgekeeper API need few prerequisites from Quintype. Please proceed with implementation once the setup is complete.
API Sequence Diagram
Login with OTP flow
Below are the steps how we can use login with OTP.
User initiates a Send OTP request with a phone number.
- A
POSTcall is needed to be made to/api/auth/v1/users/send-otpwith below body.phone-numberphone number to which the user wants the OTP to be sent.always-send=trueneeds to be passed for the user who doesn't have a account in Bridgekeeper yet.
- A
When the user initiates a Send OTP request with a phone number, an OTP would be send as SMS to the phone number user provided which can be used now for login.
On receiving an OTP on SMS from the service provider. User needs to makes an POST login call with the
phone-numberandotp. to/api/auth/v1/login.auto-signup=true can be passed in the login body to create a user and then login if he doesn't exist in Bridgekeeper yet.
On successful login bridgekeeper returns a user object back and sets the
qt-authin cookies.Post successful login, we can get the user details via GET /api/auth/v1/users/me call using the qt-auth cookie. This returns back the user details with a response code of 200 and the user is shown as logged in.
Sample CURLs
Refer to Swagger API docs for more info on API usage.
Send OTP
curl --request POST 'https://<client-domain>/api/auth/v1/users/send-otp' \
-H 'Content-Type: application/json' \
-H 'Origin: https://<client-domain>' \
--data-raw '{"phone-number":"+919888888888"}' \
Login
curl --request POST 'https://<client-domain>/api/auth/v1/login' \
-H 'Content-Type: application/json' \
-H 'Origin: https://<client-domain>' \
--data-raw '{"phone-number":"+919888888888","otp":"43210"}' \