Send a one-time passcode (OTP) to a user's phone number. If you'd like to create a user and send them a passcode with one request, use our log in or create endpoint.
Note that sending another OTP code before the first has expired will invalidate the first code.
Cost to send SMS OTP
Before configuring SMS or WhatsApp OTPs, please review how Stytch bills the costs of international OTPs and understand how to protect your app against toll fraud.
Note: SMS to phone numbers outside of the US and Canada is disabled by default for customers who did not use SMS prior to October 2023. If you're interested in sending international SMS, please reach out to support@stytch.com.
Even when international SMS is enabled, we do not support sending SMS to countries on our Unsupported countries list.
Add a phone number to an existing user
This endpoint also allows you to add a new phone number to an existing Stytch User. Including a user_id, session_token, or session_jwt in your Send one-time passcode by SMS request will add the new, unverified phone number to the existing Stytch User. If the user successfully authenticates within 5 minutes, the new phone number will be marked as verified and remain permanently on the existing Stytch User. Otherwise, it will be removed from the User object, and any subsequent login requests using that phone number will create a new User.
Next steps
Collect the OTP which was delivered to the user. Call Authenticate OTP using the OTP code along with the phone_id found in the response as the method_id.