Send

POSThttps://test.stytch.com/v1/b2b/otps/sms/send

Send a One-Time Passcode (OTP) to a Member's phone number.

If the Member already has a phone number, the mfa_phone_number field is not needed; the endpoint will send an OTP to the number associated with the Member. If the Member does not have a phone number, the endpoint will send an OTP to the mfa_phone_number provided and link the mfa_phone_number with the Member.

An error will be thrown if the Member already has a phone number and the provided mfa_phone_number does not match the existing one.

Note that sending another OTP code before the first has expired will invalidate the first code.

If a Member has a phone number and is enrolled in MFA, then after a successful primary authentication event (e.g. email magic link or SSO login is complete), an SMS OTP will automatically be sent to their phone number. In that case, this endpoint should only be used for subsequent authentication events, such as prompting a Member for an OTP again after a period of inactivity.

Cost to send SMS OTP

Before configuring SMS or WhatsApp OTPs, please review how Stytch bills the costs of international OTPs and understand how to protect your app against toll fraud.

Body parameters

organization_id*string
member_id*string
mfa_phone_numberstring
localestring

Response fields

request_idstring
status_codeint
member_idstring
memberobject
organizationobject
curl --request POST \
  --url https://test.stytch.com/v1/b2b/otps/sms/send \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -d '{
    "organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
    "member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f"
  }'

RESPONSE

200
{
    "status_code": 200,
    "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
    "member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
    "member": {...},
    "organization": {...}
}