/
Contact usSee pricingStart building
Node
​

    About Stytch

    Introduction
    Integration Approaches
      Full-stack overview
      Frontend (pre-built UI)
      Frontend (headless)
      Backend
    Migrations
      Migration overview
      Migrating users statically
      Migrating users dynamically
      Additional migration considerations
      Zero-downtime deployment
      Defining external IDs for users
      Exporting from Stytch
    Custom Domains
      Overview

    Authentication

    DFP Protected Auth
      Overview
      Setting up DFP Protected Auth
      Handling challenges
    Magic Links
    • Email Magic Links

      • Getting started with the API
        Getting started with the SDK
        Replacing your password reset flow
        Building an invite user flow
        Add magic links to an existing auth flow
        Adding PKCE to a Magic Link flow
        Magic Link redirect routing
    • Embeddable Magic Links

      • Getting started with the API
    MFA
      Overview
      Backend integration
      Frontend integration
    Mobile Biometrics
      Overview
    M2M Authentication
      Authenticate an M2M Client
      Rotate client secrets
      Import M2M Clients from Auth0
    OAuth
    • Identity providers

      • Overview
        Provider setup
      Getting started with the API (Google)
      Add Google One Tap via the SDK
      Email address behavior
      Adding PKCE to an OAuth flow
    Connected AppsBeta
      Setting up Connected Apps
      About Remote MCP Servers
    • Resources

      • Integrate with AI agents
        Integrate with MCP servers
        Integrate with CLI Apps
    Passcodes
      Getting started with the API
      Getting started with the SDK
    • Toll fraud

      • What is SMS toll fraud?
        How you can prevent toll fraud
      Unsupported countries
    Passkeys & WebAuthn
    • Passkeys

      • Passkeys overview
        Set up Passkeys with the frontend SDK
    • WebAuthn

      • Getting started with the API
        Getting started with the SDK
    Passwords
      Getting started with the API
      Getting started with the SDK
      Password strength policy
    • Email verification

      • Overview
        Email verification before password creation
        Email verification after password creation
    Sessions
      How to use sessions
      Backend integrations
      Frontend integrations
      Custom claims
      Custom claim templates
      Session tokens vs JWTs
      How to use Stytch JWTs
    TOTP
      Getting started with the API
      Getting started with the SDK
    Web3
      Getting started with the API
      Getting started with the SDK

    Authorization

    Implement RBAC with metadata

    3rd Party Integrations

    Planetscale
    Supabase
    Feathery
    Unit

    Testing

    E2E testing
    Sandbox values
Get support on SlackVisit our developer forum

Contact us

Consumer Authentication

/

Guides

/

Authentication

/

Passcodes

/

Getting started with the SDK

Setting up Passcodes with the SDK

This is a step-by-step guide of how to integrate Stytch One-Time Passcodes (OTP) into your application using our frontend Javascript SDK. Our SDK provides pre-built UI components that you can use to easily add OTP flows to your application without having to without having to build your own login UI. For this guide, we are using Stytch's NextJS library to simplify the integration.

Step 1: Configure your Project in the Stytch Dashboard

Before adding passcodes to your application you will need to make the following Project configurations within the Stytch Dashboard:

  1. Within your new Project, navigate to SDK configuration, and click Enable SDK.
  2. Under API keys, save your Project's public_token for later.

NOTE: there are two environments available for building and running your application: Test and Live. The Project uses the Test environment by default. If you would like to call SMS OTP endpoints in Live, we require you to have a payment method configured in the Workplace Settings of your Dashboard.

Step 2: Add Stytch to your project

2.1 Add packages

Install @stytch/vanilla-js and @stytch/nextjs with the package manager of your choice.

npm install @stytch/vanilla-js @stytch/nextjs

or

yarn add @stytch/vanilla-js @stytch/nextjs

2.2 Initialize Stytch

At the top level of your application you will need to initialize the Stytch client using the public_token saved in Step 1.

import { StytchProvider } from "@stytch/nextjs";
import { createStytchUIClient } from "@stytch/nextjs/ui";

const STYTCH_PUBLIC_TOKEN = 'YOUR_PUBLIC_TOKEN'; 
const stytch = createStytchUIClient(STYTCH_PUBLIC_TOKEN);

function MyApp({ Component, pageProps }) {
  return (
      <StytchProvider stytch={stytch}>
        <Component {...pageProps} />
      </StytchProvider>
  );
}

export default MyApp;

Step 3: Configure OTP for signup and login

Next, create a component that will render on your signup and login page. Within this component you will configure and render the Stytch UI. The Stytch UI accepts a config object as an argument; learn more about this object here.

In the config you need to specify:

  1. The products that you'd like to display in the login component. In this case, we'll specify Products.otp.
  2. The options for each of the products that will be displayed in the login component. In this case, you'll need to include the otpOptions object. You'll need to specify which types of OTP flows you'd like to offer (email, sms, or whatsapp) in the methods array, and can optionally set a desired code expiration via the expirationMinutes parameter. Here we set an expiration of 10 minutes for the OTP code.
import React from 'react';
import { Products } from '@stytch/vanilla-js';
import { StytchLogin } from '@stytch/nextjs';

const config = {
  otpOptions: {
      methods: ["sms"],
      expirationMinutes: 10,
  },
  products: [
    Products.otp,
  ],
};

export const Login = () => {
  return (<StytchLogin config={config} />);
};

Step 4: Tie it all together

You have now built all the pieces needed for a OTP signup and login flow with our pre-built UI config. The SDK handles the code authentication and no further logic is necessary for the OTP flow. When a user logs in successfully, the SDK will automatically start and manage a session. You can learn more about how to use sessions here.

Have any feedback after integrating? Get in touch with us and tell us what you think in our forum, support@stytch.com, or in our Slack community.

Step 1: Configure your Project in the Stytch Dashboard

Step 2: Add Stytch to your project

2.1 Add packages

2.2 Initialize Stytch

Step 3: Configure OTP for signup and login

Step 4: Tie it all together