> ## Documentation Index > Fetch the complete documentation index at: https://stytch.com/docs/llms.txt > Use this file to discover all available pages before exploring further. # Login Or Create User > Send a One-Time Passcode (OTP) to a User via SMS. This endpoint sends a one-time passcode (OTP) to a user's phone number. If the phone number is not associated with a user already, a user will be created. ## OpenAPI ````yaml POST /v1/otps/sms/login_or_create openapi: 3.0.3 info: title: Stytch API description: The Stytch API provides endpoints for authentication and user management. version: 2.1.1 contact: name: Stytch Support url: https://stytch.com/docs email: support@stytch.com servers: - url: https://api.stytch.com description: Production server - url: https://test.stytch.com description: Test server security: - basicAuth: [] paths: /v1/otps/sms/login_or_create: post: tags: - Otp summary: Loginorcreate description: >- Send a One-Time Passcode (OTP) to a User using their phone number. If the phone number is not associated with a user already, a user will be created. ### Cost to send SMS OTP Before configuring SMS or WhatsApp OTPs, please review how Stytch [bills the costs of international OTPs](https://stytch.com/pricing) and understand how to protect your app against [toll fraud](https://stytch.com/docs/guides/passcodes/toll-fraud/overview). __Note:__ SMS to phone numbers outside of the US and Canada is disabled by default for customers who did not use SMS prior to October 2023. If you're interested in sending international SMS, please add those countries to your Project's allowlist via the [Dashboard](https://stytch.com/dashboard/country-code-allowlists) or [Programmatic Workspace Actions](https://stytch.com/docs/workspace-management/pwa/set-allowed-country-codes), and [add credit card details](https://stytch.com/dashboard/settings/billing) to your account. Even when international SMS is enabled, we do not support sending SMS to countries on our [Unsupported countries list](https://stytch.com/docs/guides/passcodes/unsupported-countries). ### Next steps Collect the OTP which was delivered to the User. Call [Authenticate OTP](https://stytch.com/docs/api/authenticate-otp) using the OTP `code` along with the `phone_id` found in the response as the `method_id`. operationId: api_otp_v1_otp_sms_LoginOrCreate requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/api_otp_v1_otp_sms_LoginOrCreateRequest' responses: '200': description: Successful response content: application/json: schema: $ref: '#/components/schemas/api_otp_v1_otp_sms_LoginOrCreateResponse' '400': description: Bad request '401': description: Unauthorized content: application/json: example: status_code: 401 request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141 error_type: unauthorized_credentials error_message: Unauthorized credentials. error_url: https://stytch.com/docs/api/errors/401 '429': description: Too Many Requests content: application/json: example: status_code: 429 request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141 error_type: too_many_requests error_message: Too many requests have been made. error_url: https://stytch.com/docs/api/errors/429 '500': description: Internal server error content: application/json: example: status_code: 500 request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141 error_type: internal_server_error error_message: >- Oops, something seems to have gone wrong, please reach out to support@stytch.com to let us know what went wrong. error_url: https://stytch.com/docs/api/errors/500 x-code-samples: - lang: csharp label: C# source: |- // POST /v1/otps/sms/login_or_create const stytch = require('stytch'); const client = new stytch.Client({ project_id: '${projectId}', secret: '${secret}', }); const params = { phone_number: "+12025550162", }; client.OTPs.Sms.LoginOrCreate(params) .then(resp => { console.log(resp) }) .catch(err => { console.log(err) }); - lang: go label: Go source: "// POST /v1/otps/sms/login_or_create\npackage main\n\nimport (\n\t\"context\"\n\t\"log\"\n\n\t\"github.com/stytchauth/stytch-go/v18/stytch/consumer/otp/sms\"\n\t\"github.com/stytchauth/stytch-go/v18/stytch/consumer/stytchapi\"\n)\n\nfunc main() {\n\tclient, err := stytchapi.NewClient(\n\t\t\"${projectId}\",\n\t\t\"${secret}\",\n\t)\n\tif err != nil {\n\t\tlog.Fatalf(\"error instantiating client: %v\", err)\n\t}\n\n\tparams := &sms.LoginOrCreateParams{\n\t\tPhoneNumber: \"+12025550162\",\n\t}\n\n\tresp, err := client.OTPs.Sms.LoginOrCreate(context.Background(), params)\n\tif err != nil {\n\t\tlog.Fatalf(\"error in method call: %v\", err)\n\t}\n\n\tlog.Println(resp)\n}\n" - lang: java label: Java source: |- // POST /v1/otps/sms/login_or_create package com.example; import com.stytch.java.common.StytchResult; import com.stytch.java.consumer.models.otpsms.LoginOrCreateRequest; import com.stytch.java.consumer.StytchClient; public class Main { public static void main(String[] args) { StytchClient.configure("${projectId}", "${secret}"); LoginOrCreateRequest params = new LoginOrCreateRequest(); params.setPhoneNumber("+12025550162"); Object result = StytchClient.getOTPs().getSms().loginOrCreate(params); if (result instanceof StytchResult.Success) { System.out.println(((StytchResult.Success) result).getValue()); } else { System.out.println(((StytchResult.Error) result).getException()); } } } - lang: kotlin label: Kotlin source: | // POST /v1/otps/sms/login_or_create package com.example import com.stytch.java.consumer.StytchClient import com.stytch.java.consumer.models.otpsms.LoginOrCreateRequest fun main() { StytchClient.configure( projectId = "${projectId}", secret = "${secret}", ) when ( val result = StytchClient.otps.sms.loginOrCreate( LoginOrCreateRequest( phoneNumber = "+12025550162", ), ) ) { is StytchResult.Success -> println(result.value) is StytchResult.Error -> println(result.exception) } } - lang: javascript label: Node.js source: |- // POST /v1/otps/sms/login_or_create const stytch = require('stytch'); const client = new stytch.Client({ project_id: '${projectId}', secret: '${secret}', }); const params = { phone_number: "+12025550162", }; client.otps.sms.loginOrCreate(params) .then(resp => { console.log(resp) }) .catch(err => { console.log(err) }); - lang: php label: PHP source: |- $response = $client->otps->sms->login_or_create([ 'phone_number' => '+12025550162', ]); - lang: python label: Python source: | # POST /v1/otps/sms/login_or_create from stytch import Client client = Client( project_id="${projectId}", secret="${secret}", ) resp = client.otps.sms.login_or_create( phone_number="+12025550162", ) print(resp) - lang: ruby label: Ruby source: |- # frozen_string_literal: true # POST /v1/otps/sms/login_or_create require 'stytch' client = Stytch::Client.new( project_id: "${projectId}", secret: "${secret}" ) resp = client.otps.sms.login_or_create( phone_number: "+12025550162" ) puts resp - lang: rust label: Rust source: |- // POST /v1/otps/sms/login_or_create use stytch::consumer::client::Client; use stytch::consumer::otp_sms::LoginOrCreateRequest; fn main() { let client = Client::new("${projectId}", "${secret}").unwrap(); let resp = client.otps.sms.login_or_create( LoginOrCreateRequest{ phone_number: "+12025550162", ..Default::default() } ).await; println!("The response is {:?}", resp); } - lang: bash label: cURL source: |- # POST /v1/otps/sms/login_or_create curl --request POST \ --url https://test.stytch.com/v1/otps/sms/login_or_create \ -u '${projectId}:${secret}' \ -H 'Content-Type: application/json' \ -d '{ "phone_number": "+12025550162" }' components: schemas: api_otp_v1_otp_sms_LoginOrCreateRequest: type: object properties: phone_number: type: string description: >- The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail. expiration_minutes: type: integer format: int32 description: >- Set the expiration for the one-time passcode, in minutes. The minimum expiration is 1 minute and the maximum is 10 minutes. The default expiration is 2 minutes. attributes: $ref: '#/components/schemas/api_attribute_v1_Attributes' description: >- Provided attributes to help with fraud detection. These values are pulled and passed into Stytch endpoints by your application. create_user_as_pending: type: boolean description: >- Flag for whether or not to save a user as pending vs active in Stytch. Defaults to false. If true, users will be saved with status pending in Stytch's backend until authenticated. If false, users will be created as active. An example usage of a true flag would be to require users to verify their phone by entering the OTP code before creating an account for them. locale: $ref: '#/components/schemas/api_otp_v1_otp_sms_LoginOrCreateRequestLocale' description: >- Used to determine which language to use when sending the user this delivery method. Parameter is an [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`. If no value is provided, the copy defaults to English. description: Request type required: - phone_number api_otp_v1_otp_sms_LoginOrCreateResponse: type: object properties: request_id: type: string description: >- Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. user_id: type: string description: The unique ID of the affected User. phone_id: type: string description: The unique ID for the phone number. user_created: type: boolean description: >- In `login_or_create` endpoints, this field indicates whether or not a User was just created. status_code: type: integer format: int32 description: >- The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. required: - request_id - user_id - phone_id - user_created - status_code api_attribute_v1_Attributes: type: object properties: ip_address: type: string description: The IP address of the user. user_agent: type: string description: The user agent of the User. api_otp_v1_otp_sms_LoginOrCreateRequestLocale: type: string enum: - en - es - pt-br - fr - it - de-DE - zh-Hans - ca-ES - ja - ru - nl - pl - tr - fa - vi - cs securitySchemes: basicAuth: type: http scheme: basic ````