Skip to main content

Signup with OTP

We can now use OTP verification to sign up a user by sending an SMS message to the users phone or email id. The user signs up using a one-time code contained in the email or SMS message and his account is created successfully.

Implementation of Signup with OTP via Bridgekeeper API need few prerequisites from Quintype. Please proceed with implementation once the setup is complete.

API Sequence Diagram

Social Login Web Flow

Signup with OTP flow

Below are the steps how we can use OTP verification with Bridgekeeper Signup API's on Web.

  • User initiates a Send OTP request with a phone number/email.

    • A POST call is needed to be made to /api/auth/v1/users/send-otp with below body.
      • phone-number phone number to which the user wants the OTP to be sent.
      • email email address to which the user wants the OTP to be sent.
      • always-send=true always-send=true needs to be passed for the user who doesn't have a account in Bridgekeeper yet.

  • When the user initiates a Send OTP request with a phone number/email, an OTP would be sent as SMS to that particular phone number or email which can be now used for signup.

  • On receiving an OTP on email or SMS from the service provider, user needs to makes an POST Signup call with email and otp or with login-phone-number and otp to/api/auth/v1/signup.

  • login-phone-number must be passed in the signup api call. For the user to be able to proceed with Login with OTP for that number.

  • On successful signup bridgekeeper returns a user object back and sets the qt-auth in cookies and logs in the user if dont-login=false is set.

  • Post successful login we can get the user details via GET /api/auth/v1/users/me as qt-auth is set as cookies it return back the user details with a response code of 200 and user is shown as logged in.

Sample CURLs

Refer to Swagger API docs for more info on API usage.

Send OTP via phone number

curl --request POST  'https://<client-domain>/api/auth/v1/users/send-otp' \
  -H 'Content-Type: application/json' \
  -H 'Origin: https://<client-domain>' \
  --data-raw '{"phone-number":"+919888888888","always-send":true}' \

Send OTP via email

curl --request POST  'https://<client-domain>/api/auth/v1/users/send-otp' \
  -H 'Content-Type: application/json' \
  -H 'Origin: https://<client-domain>' \
  --data-raw '{"email":"johndoe@example.com","always-send":true}' \

Signup with phone number

curl --request POST 'https://<client-domain>/api/auth/v1/signup' \
  -H 'Content-Type: application/json' \
  -H 'Origin: https://<client-domain>' \
  --data-raw '{"username":"johndoe","first-name":"john","login-phone-number":"+919888888888","last-name":"doe","dont-login":true,"otp":"43210"}' \

Signup with email

curl --request POST 'https://<client-domain>/api/auth/v1/signup' \
  -H 'Content-Type: application/json' \
  -H 'Origin: https://<client-domain>' \
  --data-raw '{"username":"johndoe","first-name":"john","email":"johndoe@example.com,"last-name":"doe","dont-login":true,"otp":"43210"}' \