Skip to main content
This guide walks you through configuring OTP (one-time password) login for your application using Prelude Auth. OTP login sends a verification code to the user’s phone number via SMS or to their email address.

Prerequisites

Before you start, make sure you have:
  • A Prelude account with access to Prelude Auth
  • An Application ID (appID) — see Applications
  • Your Management API key for backend calls
  • A configured Verify template for sending OTP codes

Set up OTP login

1

Create an OTP login configuration

curl -X POST https://api.prelude.dev/v2/session/apps/${APP_ID}/config/login/otp \
  -H "Authorization: Bearer ${MANAGEMENT_API_KEY}" \
  -H "Content-Type: application/json" \
  -d '{
    "config_type": "otp",
    "channel_type": "sms",
    "is_default": true
  }'
FieldRequiredDescription
config_typeYesMust be "otp".
channel_typeYesThe channel used for OTP delivery ("sms" or "email").
is_defaultYesWhether this is the default OTP login configuration.
template_idNoThe ID of your Verify template. This controls the OTP message content and delivery settings.
sender_idNoThe sender ID used for SMS delivery.
granted_scopesNoList of session scopes attached to the session when a login completes through this OTP configuration (for example ["prld:pwd:write"] to grant a password change). Defaults to an empty list.
This configuration supports both SMS and email channels simultaneously, allowing users to receive OTP codes via either method.

What’s next?

Now that OTP login is configured on your backend, integrate the frontend using the OTP Login guide.