> ## Documentation Index
> Fetch the complete documentation index at: https://stytch.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# One-time passcodes (OTP) overview

> Use SMS or WhatsApp one-time passcodes to verify users during login and signup.

One-time passcodes (OTP) let you verify users by sending a short code over SMS or WhatsApp. OTPs are a good fit for passwordless login, phone verification, and step-up authentication when you need an additional factor.

<Warning>
  OTPs can be targeted by toll fraud. Review the [Toll fraud resources](/resources/policies/messaging/toll-fraud) before enabling SMS at scale.
</Warning>

## How OTPs work

1. Collect the user's phone number and request a passcode.
2. The user enters the code they receive.
3. Your app verifies the code and optionally establishes a session.

## Next steps

<CardGroup cols={2}>
  <Card title="API integration" icon="code" href="/consumer-auth/authentication/otps/api">
    Send and authenticate OTPs from your backend.
  </Card>

  <Card title="SDK integration" icon="app-window" href="/consumer-auth/authentication/otps/sdk">
    Add OTPs to Stytch Login with the frontend SDK.
  </Card>
</CardGroup>