> ## Documentation Index > Fetch the complete documentation index at: https://stytch.com/docs/llms.txt > Use this file to discover all available pages before exploring further. # Send > Send a One-Time Passcode (OTP) to a User via SMS. This endpoint sends a one-time passcode (OTP) to a user's phone number. If you'd like to create a user and send them a passcode with one request, use the [login or create user endpoint](/api-reference/consumer/api/otp/via-sms/login-or-create-user). Sending an OTP code will invalidate any previously sent OTP code for the same user. ## OpenAPI ````yaml POST /v1/otps/sms/send openapi: 3.0.3 info: title: Stytch API description: The Stytch API provides endpoints for authentication and user management. version: 2.1.1 contact: name: Stytch Support url: https://stytch.com/docs email: support@stytch.com servers: - url: https://api.stytch.com description: Production server - url: https://test.stytch.com description: Test server security: - basicAuth: [] paths: /v1/otps/sms/send: post: tags: - Otp summary: Send description: >- Send a one-time passcode (OTP) to a user's phone number. If you'd like to create a user and send them a passcode with one request, use our [log in or create](https://stytch.com/docs/api/log-in-or-create-user-by-sms) endpoint. Note that sending another OTP code before the first has expired will invalidate the first code. ### Cost to send SMS OTP Before configuring SMS or WhatsApp OTPs, please review how Stytch [bills the costs of international OTPs](https://stytch.com/pricing) and understand how to protect your app against [toll fraud](https://stytch.com/docs/guides/passcodes/toll-fraud/overview). __Note:__ SMS to phone numbers outside of the US and Canada is disabled by default for customers who did not use SMS prior to October 2023. If you're interested in sending international SMS, please add those countries to your Project's allowlist via the [Dashboard](https://stytch.com/dashboard/country-code-allowlists) or [Programmatic Workspace Actions](https://stytch.com/docs/workspace-management/pwa/set-allowed-country-codes), and [add credit card details](https://stytch.com/dashboard/settings/billing) to your account. Even when international SMS is enabled, we do not support sending SMS to countries on our [Unsupported countries list](https://stytch.com/docs/guides/passcodes/unsupported-countries). ### Add a phone number to an existing user This endpoint also allows you to add a new phone number to an existing Stytch User. Including a `user_id`, `session_token`, or `session_jwt` in your Send one-time passcode by SMS request will add the new, unverified phone number to the existing Stytch User. If the user successfully authenticates within 5 minutes, the new phone number will be marked as verified and remain permanently on the existing Stytch User. Otherwise, it will be removed from the User object, and any subsequent login requests using that phone number will create a new User. ### Next steps Collect the OTP which was delivered to the user. Call [Authenticate OTP](https://stytch.com/docs/api/authenticate-otp) using the OTP `code` along with the `phone_id` found in the response as the `method_id`. operationId: api_otp_v1_otp_sms_Send requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/api_otp_v1_otp_sms_SendRequest' responses: '200': description: Successful response content: application/json: schema: $ref: '#/components/schemas/api_otp_v1_otp_sms_SendResponse' '400': description: Bad request '401': description: Unauthorized content: application/json: example: status_code: 401 request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141 error_type: unauthorized_credentials error_message: Unauthorized credentials. error_url: https://stytch.com/docs/api/errors/401 '429': description: Too Many Requests content: application/json: example: status_code: 429 request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141 error_type: too_many_requests error_message: Too many requests have been made. error_url: https://stytch.com/docs/api/errors/429 '500': description: Internal server error content: application/json: example: status_code: 500 request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141 error_type: internal_server_error error_message: >- Oops, something seems to have gone wrong, please reach out to support@stytch.com to let us know what went wrong. error_url: https://stytch.com/docs/api/errors/500 x-code-samples: - lang: csharp label: C# source: |- // POST /v1/otps/sms/send const stytch = require('stytch'); const client = new stytch.Client({ project_id: '${projectId}', secret: '${secret}', }); const params = { phone_number: "+12025550162", }; client.OTPs.Sms.Send(params) .then(resp => { console.log(resp) }) .catch(err => { console.log(err) }); - lang: go label: Go source: "// POST /v1/otps/sms/send\npackage main\n\nimport (\n\t\"context\"\n\t\"log\"\n\n\t\"github.com/stytchauth/stytch-go/v18/stytch/consumer/otp/sms\"\n\t\"github.com/stytchauth/stytch-go/v18/stytch/consumer/stytchapi\"\n)\n\nfunc main() {\n\tclient, err := stytchapi.NewClient(\n\t\t\"${projectId}\",\n\t\t\"${secret}\",\n\t)\n\tif err != nil {\n\t\tlog.Fatalf(\"error instantiating client: %v\", err)\n\t}\n\n\tparams := &sms.SendParams{\n\t\tPhoneNumber: \"+12025550162\",\n\t}\n\n\tresp, err := client.OTPs.Sms.Send(context.Background(), params)\n\tif err != nil {\n\t\tlog.Fatalf(\"error in method call: %v\", err)\n\t}\n\n\tlog.Println(resp)\n}\n" - lang: java label: Java source: |- // POST /v1/otps/sms/send package com.example; import com.stytch.java.common.StytchResult; import com.stytch.java.consumer.models.otpsms.SendRequest; import com.stytch.java.consumer.StytchClient; public class Main { public static void main(String[] args) { StytchClient.configure("${projectId}", "${secret}"); SendRequest params = new SendRequest(); params.setPhoneNumber("+12025550162"); Object result = StytchClient.getOTPs().getSms().send(params); if (result instanceof StytchResult.Success) { System.out.println(((StytchResult.Success) result).getValue()); } else { System.out.println(((StytchResult.Error) result).getException()); } } } - lang: kotlin label: Kotlin source: | // POST /v1/otps/sms/send package com.example import com.stytch.java.consumer.StytchClient import com.stytch.java.consumer.models.otpsms.SendRequest fun main() { StytchClient.configure( projectId = "${projectId}", secret = "${secret}", ) when ( val result = StytchClient.otps.sms.send( SendRequest( phoneNumber = "+12025550162", ), ) ) { is StytchResult.Success -> println(result.value) is StytchResult.Error -> println(result.exception) } } - lang: javascript label: Node.js source: |- // POST /v1/otps/sms/send const stytch = require('stytch'); const client = new stytch.Client({ project_id: '${projectId}', secret: '${secret}', }); const params = { phone_number: "+12025550162", }; client.otps.sms.send(params) .then(resp => { console.log(resp) }) .catch(err => { console.log(err) }); - lang: php label: PHP source: |- $response = $client->otps->sms->send([ 'phone_number' => '+12025550162', ]); - lang: python label: Python source: | # POST /v1/otps/sms/send from stytch import Client client = Client( project_id="${projectId}", secret="${secret}", ) resp = client.otps.sms.send( phone_number="+12025550162", ) print(resp) - lang: ruby label: Ruby source: |- # frozen_string_literal: true # POST /v1/otps/sms/send require 'stytch' client = Stytch::Client.new( project_id: "${projectId}", secret: "${secret}" ) resp = client.otps.sms.send( phone_number: "+12025550162" ) puts resp - lang: rust label: Rust source: |- // POST /v1/otps/sms/send use stytch::consumer::client::Client; use stytch::consumer::otp_sms::SendRequest; fn main() { let client = Client::new("${projectId}", "${secret}").unwrap(); let resp = client.otps.sms.send( SendRequest{ phone_number: "+12025550162", ..Default::default() } ).await; println!("The response is {:?}", resp); } - lang: bash label: cURL source: |- # POST /v1/otps/sms/send curl --request POST \ --url https://test.stytch.com/v1/otps/sms/send \ -u '${projectId}:${secret}' \ -H 'Content-Type: application/json' \ -d '{ "phone_number": "+12025550162" }' components: schemas: api_otp_v1_otp_sms_SendRequest: type: object properties: phone_number: type: string description: >- The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail. expiration_minutes: type: integer format: int32 description: >- Set the expiration for the one-time passcode, in minutes. The minimum expiration is 1 minute and the maximum is 10 minutes. The default expiration is 2 minutes. attributes: $ref: '#/components/schemas/api_attribute_v1_Attributes' description: >- Provided attributes to help with fraud detection. These values are pulled and passed into Stytch endpoints by your application. locale: $ref: '#/components/schemas/api_otp_v1_otp_sms_SendRequestLocale' description: >- Used to determine which language to use when sending the user this delivery method. Parameter is an [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`. If no value is provided, the copy defaults to English. user_id: type: string description: >- The unique ID of a specific User. You may use an `external_id` here if one is set for the user. session_token: type: string description: The `session_token` associated with a User's existing Session. session_jwt: type: string description: The `session_jwt` associated with a User's existing Session. description: Request type required: - phone_number api_otp_v1_otp_sms_SendResponse: type: object properties: request_id: type: string description: >- Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. user_id: type: string description: The unique ID of the affected User. phone_id: type: string description: The unique ID for the phone number. status_code: type: integer format: int32 description: >- The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. required: - request_id - user_id - phone_id - status_code api_attribute_v1_Attributes: type: object properties: ip_address: type: string description: The IP address of the user. user_agent: type: string description: The user agent of the User. api_otp_v1_otp_sms_SendRequestLocale: type: string enum: - en - es - pt-br - fr - it - de-DE - zh-Hans - ca-ES - ja - ru - nl - pl - tr - fa - vi - cs securitySchemes: basicAuth: type: http scheme: basic ````