> ## Documentation Index
> Fetch the complete documentation index at: https://docs.prelude.so/llms.txt
> Use this file to discover all available pages before exploring further.

# OTP Login

> Configure OTP-based authentication with the Session API using phone or email.

This guide walks you through configuring OTP (one-time password) login for your application using the Prelude Session Management API. OTP login sends a verification code to the user's phone number via SMS or to their email address.

## Prerequisites

Before you start, make sure you have:

* A Prelude account with access to the Session API
* An **Application ID** (`appID`) — see [Applications](/session/documentation/applications)
* Your **Management API key** for backend calls
* A configured [Verify](/verify/v2/documentation/introduction) template for sending OTP codes

## Set up OTP login

<Steps>
  <Step title="Create an OTP login configuration">
    ```bash theme={null}
    curl -X POST https://api.prelude.dev/v2/session/apps/${APP_ID}/config/login/otp \
      -H "Authorization: Bearer ${MANAGEMENT_API_KEY}" \
      -H "Content-Type: application/json" \
      -d '{
        "config_type": "otp",
        "channel_type": "sms",
        "is_default": true
      }'
    ```

    | Field                   | Required | Description                                                                                                                      |
    | ----------------------- | -------- | -------------------------------------------------------------------------------------------------------------------------------- |
    | `config_type`           | Yes      | Must be `"otp"`.                                                                                                                 |
    | `channel_type`          | Yes      | The channel used for OTP delivery (`"sms"` or `"email"`).                                                                        |
    | `is_default`            | Yes      | Whether this is the default OTP login configuration.                                                                             |
    | `template_id`           | No       | The ID of your [Verify template](/verify/v2/documentation/content). This controls the OTP message content and delivery settings. |
    | `sender_id`             | No       | The sender ID used for SMS delivery.                                                                                             |
    | `grant_change_password` | No       | Whether this OTP configuration can be used to grant a password change to the user. Defaults to `false`.                          |
  </Step>
</Steps>

This configuration supports both SMS and email channels simultaneously, allowing users to receive OTP codes via either method.

## What's next?

Now that OTP login is configured on your backend, integrate the frontend using the [OTP Login](/session/documentation/frontend-sdks/web/otp) guide.