Skip to main content

Signup with OTP

We can now use OTP verification to sign up a user by sending an SMS message to the user's phone. The user signs up using a one-time code contained in the SMS message and his account is created successfully.

Implementation of Signup with OTP via Bridgekeeper API need few prerequisites from Quintype. Please proceed with implementation once the setup is complete.

API Sequence Diagram

Social Login Web Flow

Signup with OTP flow

Below are the steps how we can use OTP verification with Bridgekeeper Signup API's on Web.

  • User initiates a Send OTP request with a phone number.

    • A POST call is needed to be made to /api/auth/v1/users/send-otp with below body.
      • phone-number phone number to which the user wants the OTP to be sent.
      • always-send=true always-send=true needs to be passed for the user who doesn't have a account in Bridgekeeper yet.
  • When the user initiates a Send OTP request with a phone number, an OTP would be send as SMS to that particular phone number which can be used now for signup.

  • On receiving an OTP on SMS from the service provider. User needs to makes an POST Signup call with the login-phone-number and otp. to/api/auth/v1/signup.

  • login-phone-number must be passed in the signup api call. For the user to be able to proceed with Login with OTP for that number.

  • On successful signup bridgekeeper returns a user object back and sets the qt-auth in cookies and logs in the user if dont-login=false is set.

  • Post successful login we can get the user details via GET /api/auth/v1/users/me as qt-auth is set as cookies it return back the user details with a response code of 200 and user is shown as logged in.

Sample CURLs

Refer to Swagger API docs for more info on API usage.

Send OTP

curl --request POST  'https://<client-domain>/api/auth/v1/users/send-otp' \
-H 'Content-Type: application/json' \
-H 'Origin: https://<client-domain>' \
--data-raw '{"phone-number":"+919888888888","always-send":true}' \


curl --request POST 'https://<client-domain>/api/auth/v1/signup' \
-H 'Content-Type: application/json' \
-H 'Origin: https://<client-domain>' \
--data-raw '{"username":"johndoe","first-name":"john","login-phone-number":"+919888888888","last-name":"doe","dont-login":true,"otp":"43210"}' \