{"Status":true,"Message":"","Response":{"post":{"postuid":"1e0e1061-e2ec-4e44-9e9c-f8505c5a5a81","tenantuid":"d8b744fc-2e70-4089-bb80-dd1d08f6c7b2","projectuid":"542e5f51-33cf-401f-aebe-4324ebe36fe4","title":"Send One Time Password","slug":"reference/send-one-time-password","html":"\u003Cp\u003EThe Send One Time Password (OTP) API is used send a numeric 4-8 (defaults to 6) digit \u003Ca href=\u0022https://www.dailystory.com/glossary/otp/\u0022\u003Eone time password\u003C/a\u003E to a contact\u0027s mobile phone via SMS or email inbox. \u003C/p\u003E\u003Cp\u003EA OTP is valid for 15 minutes after being generated.\u003C/p\u003E\u003Ch2 id=\u0022send_to_mobile_or_email\u0022\u003ESend to mobile or email\u003C/h2\u003E\u003Cp\u003EEither a mobile number or email address parameter must be provided. \u003C/p\u003E\u003Cp\u003EIf both an email address and a mobile number are provider, the OTP will be sent to the mobile number. If only an email address is provided, the OTP will be sent to to the user\u0027s email inbox.\u003C/p\u003E\u003Ch3 id=\u0022behavior_when_recipient_does_not_exist\u0022\u003EBehavior when recipient does not exist\u003C/h3\u003E\u003Cp\u003EWhen the API is called a contact is created if one does not exist. If the contact does exist, but the contact\u0027s status is deleted the OTP will fail.\u003C/p\u003E\u003Cp\u003EThe return value includes the contact\u0027s unique DailyStory ID. This DailyStory ID is used to validate the OTP received.\u003C/p\u003E\u003Ccite class=\u0022important\u0022\u003E\u003Cspan class=\u0022title\u0022\u003EImportant\u003C/span\u003E\u003Cp\u003EThe dsid of the contact is required to validate the one time password using the validation API.\u003C/p\u003E\u003C/cite\u003E\u003Ch3 id=\u0022resend_cooldown_and_lockout\u0022\u003EResend cooldown and lockout\u003C/h3\u003E\u003Cp\u003ETo prevent abuse, a cooldown period (default 30 seconds) must elapse before another OTP can be sent to the same mobile number. Use the \u003Cb\u003Ecooldown_seconds\u003C/b\u003E parameter to override this value (between 10 and 600 seconds). The successful response includes the active \u003Cb\u003Ecooldown_seconds\u003C/b\u003E value so the caller knows how long to wait.\u003C/p\u003E\u003Cp\u003EIf a contact exceeds the maximum number of failed verification attempts, the API returns HTTP \u003Cb\u003E429\u003C/b\u003E with \u003Cb\u003Elocked: true\u003C/b\u003E and a \u003Cb\u003Elockout_seconds\u003C/b\u003E value indicating how long until the contact may request a new OTP.\u003C/p\u003E\u003Cdiv class=\u0022api_header\u0022\u003EQuery Parameters\u003C/div\u003E\u003Csection class=\u0022api_parameters\u0022\u003E\u003Csection class=\u0022api_param\u0022\u003E\u003Cdiv class=\u0022api_param_header\u0022\u003E\u003Cspan class=\u0022p_name\u0022\u003Emobile\u003C/span\u003E\u003Cspan class=\u0022p_type\u0022\u003Estring\u003C/span\u003E\u003C/div\u003E\u003Cdiv\u003EA valid mobile number in e.164 format. For example, a U.S. number would be \u002B15551234567. Either mobile or email is required.\u003C/div\u003E\u003C/section\u003E\u003Csection class=\u0022api_param\u0022\u003E\u003Cdiv class=\u0022api_param_header\u0022\u003E\u003Cspan class=\u0022p_name\u0022\u003Eemail\u003C/span\u003E\u003Cspan class=\u0022p_type\u0022\u003Estring\u003C/span\u003E\u003C/div\u003E\u003Cdiv\u003EA valid email address. Either mobile or email is required.\u003C/div\u003E\u003C/section\u003E\u003Csection class=\u0022api_param\u0022\u003E\u003Cdiv class=\u0022api_param_header\u0022\u003E\u003Cspan class=\u0022p_name\u0022\u003Eminutes_valid\u003C/span\u003E\u003Cspan class=\u0022p_type\u0022\u003Enumber\u003C/span\u003E\u003C/div\u003E\u003Cdiv\u003EOptionally provide a value between 3 and 20 to override the default number of minutes the OTP is valid for. Defaults to 15.\u003C/div\u003E\u003C/section\u003E\u003Csection class=\u0022api_param\u0022\u003E\u003Cdiv class=\u0022api_param_header\u0022\u003E\u003Cspan class=\u0022p_name\u0022\u003Eotp_size\u003C/span\u003E\u003Cspan class=\u0022p_type\u0022\u003Enumber\u003C/span\u003E\u003C/div\u003E\u003Cdiv\u003EOptionally provide a value between 4 and 8 to set the length of the generated OTP. Defaults to 6.\u003C/div\u003E\u003C/section\u003E\u003Csection class=\u0022api_param\u0022\u003E\u003Cdiv class=\u0022api_param_header\u0022\u003E\u003Cspan class=\u0022p_name\u0022\u003Ecooldown_seconds\u003C/span\u003E\u003Cspan class=\u0022p_type\u0022\u003Enumber\u003C/span\u003E\u003C/div\u003E\u003Cdiv\u003EOptionally provide a value between 10 and 600 (10 minutes) to override the minimum number of seconds that must elapse before another OTP can be sent to the same mobile number. Defaults to 30.\u003C/div\u003E\u003C/section\u003E\u003C/section\u003E\u003Cdiv class=\u0022api_header\u0022\u003EHTTP Response Examples\u003C/div\u003E\u003Cdiv class=\u0022code_wrapper\u0022\u003E\u003Cdiv class=\u0022d-flex header\u0022\u003E\u003Cspan class=\u0022httpstatus\u0022\u003E\u003Cspan class=\u0022solid-circle success\u0022\u003E\u003C/span\u003E200\u003C/span\u003E\u003Cspan\u003ESuccess\u003C/span\u003E\u003C/div\u003E\u003Cdiv class=\u0022code\u0022 data-language=\u0022json\u0022\u003E{\r\n  \u0026quot;Status\u0026quot;: true,\r\n  \u0026quot;Message\u0026quot;: \u0026quot;\u0026quot;,\r\n  \u0026quot;Response\u0026quot;: {\r\n    \u0026quot;dsid\u0026quot;: \u0026quot;6bbc6d5b933b4dd38ffce5b2dc30a35f\u0026quot;,\r\n    \u0026quot;cooldown_seconds\u0026quot;: 30\r\n  }\r\n}\u003C/div\u003E\u003C/div\u003E\u003Cdiv class=\u0022code_wrapper\u0022\u003E\u003Cdiv class=\u0022d-flex header\u0022\u003E\u003Cspan class=\u0022httpstatus\u0022\u003E\u003Cspan class=\u0022solid-circle warning\u0022\u003E\u003C/span\u003E400\u003C/span\u003E\u003Cspan\u003EBad Request\u003C/span\u003E\u003C/div\u003E\u003Cdiv class=\u0022code\u0022 data-language=\u0022json\u0022\u003E{\r\n  \u0026quot;Status\u0026quot;: false,\r\n  \u0026quot;Message\u0026quot;: \u0026quot;A valid email or mobile number is required\u0026quot;,\r\n  \u0026quot;Response\u0026quot;: {}\r\n}\u003C/div\u003E\u003C/div\u003E\u003Cdiv class=\u0022code_wrapper\u0022\u003E\u003Cdiv class=\u0022d-flex header\u0022\u003E\u003Cspan class=\u0022httpstatus\u0022\u003E\u003Cspan class=\u0022solid-circle warning\u0022\u003E\u003C/span\u003E429\u003C/span\u003E\u003Cspan\u003ELocked Out\u003C/span\u003E\u003C/div\u003E\u003Cdiv class=\u0022code\u0022 data-language=\u0022json\u0022\u003E{\r\n  \u0026quot;Status\u0026quot;: false,\r\n  \u0026quot;Message\u0026quot;: \u0026quot;The maximum number of unsuccessful OTP attempts was exceeded. OTP requests are temporarily locked.\u0026quot;,\r\n  \u0026quot;Response\u0026quot;: {\r\n    \u0026quot;locked\u0026quot;: true,\r\n    \u0026quot;lockout_seconds\u0026quot;: 7200\r\n  }\r\n}\u003C/div\u003E\u003C/div\u003E\u003Cdiv class=\u0022api_header\u0022\u003EHTTP Response Parameters\u003C/div\u003E\u003Csection class=\u0022api_parameters\u0022\u003E\u003Csection class=\u0022api_param\u0022\u003E\u003Cdiv class=\u0022api_param_header\u0022\u003E\u003Cspan class=\u0022p_name\u0022\u003EResponse.dsid\u003C/span\u003E\u003Cspan class=\u0022p_type\u0022\u003Estring\u003C/span\u003E\u003C/div\u003E\u003Cdiv\u003EThe unique id of the contact that the one time password was generated for. Required to validate the OTP.\u003C/div\u003E\u003C/section\u003E\u003Csection class=\u0022api_param\u0022\u003E\u003Cdiv class=\u0022api_param_header\u0022\u003E\u003Cspan class=\u0022p_name\u0022\u003EResponse.cooldown_seconds\u003C/span\u003E\u003Cspan class=\u0022p_type\u0022\u003Enumber\u003C/span\u003E\u003C/div\u003E\u003Cdiv\u003EThe cooldown period in seconds before another OTP can be requested for this contact.\u003C/div\u003E\u003C/section\u003E\u003Csection class=\u0022api_param\u0022\u003E\u003Cdiv class=\u0022api_param_header\u0022\u003E\u003Cspan class=\u0022p_name\u0022\u003EResponse.locked\u003C/span\u003E\u003Cspan class=\u0022p_type\u0022\u003Eboolean\u003C/span\u003E\u003C/div\u003E\u003Cdiv\u003EReturned with HTTP 429. Indicates the contact is temporarily locked out from requesting new OTPs after exceeding the maximum number of failed verification attempts.\u003C/div\u003E\u003C/section\u003E\u003Csection class=\u0022api_param\u0022\u003E\u003Cdiv class=\u0022api_param_header\u0022\u003E\u003Cspan class=\u0022p_name\u0022\u003EResponse.lockout_seconds\u003C/span\u003E\u003Cspan class=\u0022p_type\u0022\u003Enumber\u003C/span\u003E\u003C/div\u003E\u003Cdiv\u003EReturned with HTTP 429. The remaining lockout duration in seconds before the contact may request a new OTP.\u003C/div\u003E\u003C/section\u003E\u003C/section\u003E","json_meta":{"api_verb":"POST","api_path":"https://us-1.dailystory.com/api/v1/verification"},"publish_status":0,"post_type":"API","authoruid":"3dde8c16-763a-4a2b-ae0b-1d8c50c62e3d","author":{"authoruid":"3dde8c16-763a-4a2b-ae0b-1d8c50c62e3d"},"featured_image_updating":false,"meta_description":"Send a numeric one-time password (OTP) via SMS or email using our API. Supports mobile in E.164 format or email; OTP valid for 15 minutes.","display_toc":true,"has_workingcopy":false,"allow_indexing":true,"total_views":0,"date_published":"2025-09-27T17:27:00","date_updated":"2026-04-17T13:41:41.407","date_created":"2025-09-27T17:25:43.163"}}}