Skip to main content

Login with OTP

Login with OTP allow users to login with OTP (Password less login) received over their mobile number or Email which makes it more convenient to login.

Implementation of Login with OTP via Bridgekeeper API need few prerequisites from Quintype. Please proceed with implementation once the setup is complete.

API Sequence Diagram

Social Login Web Flow

Login with OTP flow

Below are the steps how we can use login with OTP.

  • User initiates a Send OTP request with a phone number.

    • A POST call is needed to be made to /api/auth/v1/users/send-otp with below body.
      • phone-number phone number to which the user wants the OTP to be sent.
      • always-send=true needs to be passed for the user who doesn't have a account in Bridgekeeper yet.
  • When the user initiates a Send OTP request with a phone number, an OTP would be send as SMS to the phone number user provided which can be used now for login.

  • On receiving an OTP on SMS from the service provider. User needs to makes an POST login call with the phone-number and otp. to/api/auth/v1/login.

  • auto-signup=true can be passed in the login body to create a user and then login if he doesn't exist in Bridgekeeper yet.

  • On successful login bridgekeeper returns a user object back and sets the qt-auth in cookies.

  • Post successful login, we can get the user details via GET /api/auth/v1/users/me call using the qt-auth cookie. This returns back the user details with a response code of 200 and the user is shown as logged in.

Sample CURLs


Refer to Swagger API docs for more info on API usage.

Send OTP

curl --request POST  'https://<client-domain>/api/auth/v1/users/send-otp' \
-H 'Content-Type: application/json' \
-H 'Origin: https://<client-domain>' \
--data-raw '{"phone-number":"+919888888888"}' \

Login

curl --request POST 'https://<client-domain>/api/auth/v1/login' \
-H 'Content-Type: application/json' \
-H 'Origin: https://<client-domain>' \
--data-raw '{"phone-number":"+919888888888","otp":"43210"}' \