Signup with OTP
We can now use OTP verification to sign up a user by sending an SMS message to the users phone or email id. The user signs up using a one-time code contained in the email or SMS message and his account is created successfully.
Implementation of Signup with OTP via Bridgekeeper API need few prerequisites from Quintype. Please proceed with implementation once the setup is complete.
API Sequence Diagram
Signup with OTP flow
Below are the steps how we can use OTP verification with Bridgekeeper Signup API's on Web.
User initiates a Send OTP request with a phone number/email.
- A
POST
call is needed to be made to/api/auth/v1/users/send-otp
with below body.phone-number
phone number to which the user wants the OTP to be sent.email
email address to which the user wants the OTP to be sent.always-send=true
always-send=true needs to be passed for the user who doesn't have a account in Bridgekeeper yet.
- A
When the user initiates a Send OTP request with a phone number/email, an OTP would be sent as SMS to that particular phone number or email which can be now used for signup.
On receiving an OTP on email or SMS from the service provider, user needs to makes an POST Signup call with
email and otp
or withlogin-phone-number and otp
to/api/auth/v1/signup
.login-phone-number
must be passed in the signup api call. For the user to be able to proceed with Login with OTP for that number.On successful signup bridgekeeper returns a user object back and sets the
qt-auth
in cookies and logs in the user if dont-login=false is set.Post successful login we can get the user details via GET
/api/auth/v1/users/me
asqt-auth
is set as cookies it return back the user details with a response code of200
and user is shown as logged in.
Sample CURLs
Refer to Swagger API docs for more info on API usage.
Send OTP via phone number
curl --request POST 'https://<client-domain>/api/auth/v1/users/send-otp' \
-H 'Content-Type: application/json' \
-H 'Origin: https://<client-domain>' \
--data-raw '{"phone-number":"+919888888888","always-send":true}' \
Send OTP via email
curl --request POST 'https://<client-domain>/api/auth/v1/users/send-otp' \
-H 'Content-Type: application/json' \
-H 'Origin: https://<client-domain>' \
--data-raw '{"email":"johndoe@example.com","always-send":true}' \
Signup with phone number
curl --request POST 'https://<client-domain>/api/auth/v1/signup' \
-H 'Content-Type: application/json' \
-H 'Origin: https://<client-domain>' \
--data-raw '{"username":"johndoe","first-name":"john","login-phone-number":"+919888888888","last-name":"doe","dont-login":true,"otp":"43210"}' \
Signup with email
curl --request POST 'https://<client-domain>/api/auth/v1/signup' \
-H 'Content-Type: application/json' \
-H 'Origin: https://<client-domain>' \
--data-raw '{"username":"johndoe","first-name":"john","email":"johndoe@example.com,"last-name":"doe","dont-login":true,"otp":"43210"}' \