Skip to main content
This guide walks you through configuring OTP (one-time password) login for your application using the Prelude Session Management API. OTP login sends a verification code to the user’s phone number via SMS or to their email address.

Prerequisites

Before you start, make sure you have:
  • A Prelude account with access to the Session API
  • An Application ID (appID) — see Applications
  • Your Management API key for backend calls
  • A configured Verify template for sending OTP codes

Set up OTP login

1

Create an OTP login configuration

curl -X POST https://api.prelude.dev/v2/session/apps/${APP_ID}/config/login/otp \
  -H "Authorization: Bearer ${MANAGEMENT_API_KEY}" \
  -H "Content-Type: application/json" \
  -d '{
    "config_type": "otp",
    "channel_type": "sms",
    "is_default": true
  }'
FieldRequiredDescription
config_typeYesMust be "otp".
channel_typeYesThe channel used for OTP delivery ("sms" or "email").
is_defaultYesWhether this is the default OTP login configuration.
template_idNoThe ID of your Verify template. This controls the OTP message content and delivery settings.
sender_idNoThe sender ID used for SMS delivery.
grant_change_passwordNoWhether this OTP configuration can be used to grant a password change to the user. Defaults to false.
This configuration supports both SMS and email channels simultaneously, allowing users to receive OTP codes via either method.

What’s next?

Now that OTP login is configured on your backend, integrate the frontend using the OTP Login guide.