Send OTP Verification Code

Customer Identity and Access Management

Product Introduction

Operation Guide

User pool management

Creating a user pool

Switching user pools

Setting the default user pool

Editing a user pool

Deleting a user pool

User management

Custom attributes

Creating a custom attribute

Editing a custom attribute

Viewing custom attributes

Deleting a custom attribute

Creating a user

Viewing user details

Editing user attributes

Deleting a user

Resetting a password

Freezing or locking users

User group management

Application management

Creating an application

Configuring an application

Authentication management

General authentication sources

Creating an authentication source

Username-password authentication

SMS OTP

Email OTP

Editing an authentication source

Username-password authentication

SMS OTP

Email OTP

Testing an authentication source

Disabling or deleting an authentication source

Custom settings

Template settings

Development Guide

Access via Authentication API

User Sign-up

Account and Password Authentication

OTP Authentication by SMS and Email

Send OTP Verification Code

Get User Information

Update User Information

Modify User Password

Reset User Password

Get Token

PKCE Authorization Code Mode

General Authorization Code Mode

Client Credentials Mode

Get JWT Public Key

Refresh Token

Revoke Token

Get OpenID Provider Configuration

API Documentation

Making API Requests

User Management APIs

Data Sync APIs

CreateFileExportUserJob

CreateApiImportUserJob

Audit Management APIs

ListLogMessageByCondition

FAQs

CIAM Policy

Data Processing And Security Agreement

DocumentationCustomer Identity and Access ManagementDevelopment GuideAccess via Authentication APISend OTP Verification Code

Send OTP Verification Code

Download PDF

Last updated: 2023-12-22 11:42:07

Send OTP Verification Code

Last updated: 2023-12-22 11:42:07

Download PDF

API Description
This API is used to send SMS or email one-time password (OTP) verification code to users for login, sign-up or user information update.
Supported Applications
Web applications and machine-to-machine (M2M) applications.
Request Method
POST
Request Path
/otp/send
Request Content-Type
application/json
Sample Requests
Send SMS verification code for OTP login by SMS.
POST /otp/send HTTP/1.1
Content-Type: application/json
Authorization: Basic VEVOQU5UX0NMSUVOVF9JRDpURU5BTlRfQ0xJRU5UX1NFQ1JFVA==
Host: sample.portal.tencentciam.com
﻿
{
"usage" : "login",
"phone_number" : "13612345678",
"auth_source_id" : "MOCK_SMS_OTP_AUTH_SOURCE_ID"
}
﻿
Send email verification code for OTP login by email.
POST /otp/send HTTP/1.1
Content-Type: application/json
Authorization: Basic Q0xJRU5UXzRfSUQ6Q0xJRU5UXzRfU0VDUkVU
Host: sample.portal.tencentciam.com
﻿
{
"usage" : "login",
"email" : "MOCK_USERNAME@example.com",
"auth_source_id" : "MOCK_EMAIL_OTP_AUTH_SOURCE_ID"
}
Send SMS verification code for binding mobile number during sign-up.
POST /otp/send HTTP/1.1
Content-Type: application/json
Authorization: Basic Q0xJRU5UXzRfSUQ6Q0xJRU5UXzRfU0VDUkVU
Host: sample.portal.tencentciam.com
﻿
{
"usage" : "signup",
"phone_number" : "13612345678"
}
Send email verification code for binding email address during sign-up.
POST /otp/send HTTP/1.1
Content-Type: application/json
Authorization: Basic Q0xJRU5UXzRfSUQ6Q0xJRU5UXzRfU0VDUkVU
Host: sample.portal.tencentciam.com
﻿
{
"usage" : "signup",
"email" : "MOCK_USERNAME@example.com"
}
Send email verification code for binding or changing mobile number to update user information.
POST /otp/send HTTP/1.1
Content-Type: application/json
Authorization: Basic Q0xJRU5UXzRfSUQ6Q0xJRU5UXzRfU0VDUkVU
Host: sample.portal.tencentciam.com
﻿
{
"usage" : "update_userinfo",
"phone_number" : "13612345678"
}
Send email verification code for resetting password.
POST /otp/send HTTP/1.1
Content-Type: application/json
Authorization: Basic Q0xJRU5UXzRfSUQ6Q0xJRU5UXzRfU0VDUkVU
Host: sample.portal.tencentciam.com
﻿
{
"usage" : "reset_password",
"email" : "MOCK_USERNAME@example.com"
}
Request Headers
Parameter
Description
Authorization
HTTP Basic authentication request header. The format is Basic <credentials>, where Basic is a fixed string and <credentials> is calculated by base64(url_encode(client_id) + ":" + url_encode( client_secret)). Basic and <credentials> are separated by a space.
Request Parameters in JSON Format
JSON Path
Data Type
Description
usage
String
The use case of the OTP verification code. 
Enter login for OTP login by SMS or email. 
Enter signup for user sign-up. 
Enter update_userinfo for updating user information. 
Enter reset_password for resetting user password. 
If this parameter is not specified, it defaults to login. 
phone_number
String
The user's mobile number, which should be an 11-digit mobile number of the three major carriers in Chinese mainland. This parameter is required for sending SMS OTP verification code.
email
String
The user's email address. This parameter is required for sending email OTP verification code.
auth_source_id
String
The ID of the authentication source for OTP by SMS or email. It can be viewed on the general authentication source list of the console. This parameter is required for OTP login by SMS or email. The length and validity period of the verification code in the authentication source configuration will be used. In other scenarios, this parameter is left empty. A 6-digit verification code will be used by default, which is valid for 60 seconds.
Sample Success Responses
The verification code is sent successfully.
HTTP/1.1 200 OK
Content-Type: application/json
﻿
{
  "otp_token" : "MOCK_OTP_TOKEN"
}
Response Parameters
Parameter
Data Type
Description
otp_token
String
OTP token, which is used in OTP verification. This is valid for 5 minutes.
Sample Error Responses
Incorrect mobile number format.
HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8
﻿
{
"error" : "malformed_phone_number"
}
Incorrect email address format.
HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8
﻿
{
"error" : "malformed_email"
}
SMS message can not be sent due to insufficient SMS quota. This occurs when the free quota has been used up. You need to configure the SMS template on the console.
HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8
﻿
{
"error" : "insufficient_sms_quota"
}
Email can not be sent due to insufficient email quota. This occurs when the free quota has been used up. You need to configure the email template on the console.
HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8
﻿
{
"error" : "insufficient_email_quota"
}
The email address does not exist or is on the blocklist.
HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8
﻿
{
"error" : "invalid_email"
}
Failed to send the verification code.
HTTP/1.1 503 Service Unavailable
Content-Type: application/json;charset=UTF-8
﻿
{
"error" : "temporarily_unavailable",
"error_description" : "Failed to send OTP. Please try again later."
}
The email address has already been used for sign-up.
HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8
﻿
{
  "error": "email_is_used"
}
The mobile number has already been used for sign-up.
HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8
﻿
﻿
{
  "error": "phone_number_is_used"
}
The limit for sending SMS messages to a mobile number is exceeded.
If you use the purchased SMS quota, you can modify the message sending limit policy in the SMS Console.
If you use the free SMS quota, a maximum of 50 SMS messages can be sent to one mobile number every day, and only one SMS message can be sent to one mobile number within 30 seconds.
HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8
﻿
{
"error" : "sms_rate_limit_exceeded",
"error_description" : "SMS rate limit exceeded for same phone number"
}
﻿

Was this page helpful?

You can also Contact Sales or Submit a Ticket for help.

Yes

Parameter	Description
Authorization	HTTP `Basic` authentication request header. The format is `Basic <credentials>`, where `Basic` is a fixed string and `<credentials>` is calculated by `base64(url_encode(client_id) + ":" + url_encode( client_secret))`. `Basic` and `<credentials>` are separated by a space.

JSON Path	Data Type	Description
usage	String	The use case of the OTP verification code. Enter `login` for OTP login by SMS or email. Enter `signup` for user sign-up. Enter `update_userinfo` for updating user information. Enter `reset_password` for resetting user password. If this parameter is not specified, it defaults to login.
phone_number	String	The user's mobile number, which should be an 11-digit mobile number of the three major carriers in Chinese mainland. This parameter is required for sending SMS OTP verification code.
email	String	The user's email address. This parameter is required for sending email OTP verification code.
auth_source_id	String	The ID of the authentication source for OTP by SMS or email. It can be viewed on the general authentication source list of the console. This parameter is required for OTP login by SMS or email. The length and validity period of the verification code in the authentication source configuration will be used. In other scenarios, this parameter is left empty. A 6-digit verification code will be used by default, which is valid for 60 seconds.

tencent cloud

New User Offers

Next-Generation CDN：EdgeOne

Elasticsearch Service free trial

Free Tier

Tencent Cloud Startup Program

Special Offers

Lighthouse Special Offers

Cloud Object Storage Special Offers

Featured Products

New Products

Education

Tencent Cloud Online Education Solutions

Gaming

Gaming Solution

Game Media Solutions

E-commerce

E-commerce retail solutions

Audio & Video

Audio/Video Solution

LVB Recording Solution

Interactive Classroom Solution

Interactive Live Streaming Solution

Audio Chat Social Networking Solution

Financial Services

Financial Services Solution

Compute

Cloud Virtual Machine

Auto Scaling

Batch Compute

CVM Dedicated Host

Database

TencentDB for MySQL

TencentDB for Redis®

TencentDB for CTSDB

TDSQL for MySQL

Data Transfer Service

TencentDB for MongoDB

TencentDB for PostgreSQL

TencentDB for SQL Server

Video Service

Cloud Streaming Services

Video on Demand

Media Processing Service

Cloud Application Rendering

Cloud Contact Center

Game Multimedia Engine

Chat

Real-time Communication

Tencent Effect SDK

AI and Machine Learning

Image Creation Large Model

Face Fusion

eKYC

Optical Character Recognition

Video Creation Large Model

Industry Applications

Tencent HealthCare Omics Platform

Container and Middleware

TDMQ for CKafka

Serverless Cloud Function

Tencent Kubernetes Engine

Tencent Kubernetes Engine for Serverless

Networking

Cloud Load Balancer

Virtual Private Cloud

Direct Connect

Cloud Connect Network

NAT Gateway

VPN Connection

Bandwidth Package

Anycast Internet Acceleration

Elastic Network Interface

Flow Logs

Global Application Acceleration Platform

Security

Captcha

Cloud Workload Protection Platform

Data Security Governance Center

Key Management Service