/
Contact usSee pricingStart building
    Overview
    iOS SDK reference
    Android SDK reference

    React Native SDK reference

    Installation
    Changelog
    Configuration
    Pre-built UI
      UI Configuration
    Users
      Get user
      Update user
      Delete authentication factors
    RBAC
      Is Authorized
      Permissions
    Email Magic Links
      Send
      Login or create
      Authenticate
    OAuth
      Start
      Authenticate
    Passwords
      Create
      Authenticate
      Reset by Email Start
      Reset by Email
      Strength Check
    One-time Passcodes (OTP)
      Login or create via SMS
      Send via SMS
      Login or create via Email
      Send via Email
      Login or create via WhatsApp
      Send via WhatsApp
      Authenticate
    Time-Based One-Time Passcodes (TOTP)
      Create
      Authenticate
      Get Recovery Codes
      Recover
    Session Management
      Get Session
      Authenticate Session
      Revoke Session
      Update Session
      Get Tokens
    Passkeys & WebAuthn
      Register
      Authenticate
      Update
    Biometrics
      Introduction
      Register
      Authenticate
      Keystore available
      Registration available
      Remove registration
      Get sensor
      Errors
    Device Fingerprinting
      Get telemetry ID
    More Resources
      SWR & caching
      Deep linking
      Android KeyStore considerations
Get support on SlackVisit our developer forum

Contact us

Consumer Authentication

/

Mobile SDKs

/

React Native SDK reference

/

Time-Based One-Time Passcodes (TOTP)

/

Recover

Recover

Wraps Stytch's recover endpoint. Call this method to authenticate a recovery code for a TOTP instance.

If this method succeeds, the user will be logged in, granted an active session,and the session data will be persisted on device.

You can listen for successful login events anywhere in the codebase with the stytch.session.onChange() method or useStytchSession hook.


Method parameters


recovery_code* string

The recovery code to authenticate.


session_duration_minutes* int

Set the session lifetime to be this many minutes from now. This will return both an opaque session_token and session_jwt for this session, which will automatically be stored either in the browser cookies if you're using our JavaScript SDK, or in the iOS Keychain/ Android SharedPreferences if you're using one of our mobile SDKs. The session_jwt will have a fixed lifetime of five minutes regardless of the underlying session duration, and will be automatically refreshed by the SDK in the background over time.

This value must be a minimum of 5 and may not exceed the maximum session duration minutes value set in the Frontend SDK page of the Stytch Dashboard.

A successful authentication will continue to extend the session this many minutes.

import React, { useCallback, useState } from 'react';
import { Text, TouchableOpacity, View, TextInput } from 'react-native';
import { useStytch } from '@stytch/react-native';

export const UseTOTPRecoveryCode = () => {
  const stytch = useStytch();
  const [recoveryCode, setRecoveryCode] = useState('');
  const useTOTPRecoveryCode = useCallback(() => {
    stytch.totp.recover({
      recovery_code: recoveryCode,
      session_duration_minutes: 5,
    });
  }, [stytch, recoveryCode]);

  return (
    <View>
      <TextInput placeholder="123456" onChangeText={setRecoveryCode} />
      <TouchableOpacity onPress={useTOTPRecoveryCode}>
        <Text>Use TOTP Recovery Code</Text>
      </TouchableOpacity>
    </View>
  );
};
RESPONSE 200
200
​
{
  "status_code": 200,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "totp_id": "totp-test-41920359-8bbb-4fe8-8fa3-aaa83f35f02c",
  "session": null,
  "session_jwt": "",
  "session_token": "",
  "user": {...},
  "user_id": "user-test-16d9ba61-97a1-4ba4-9720-b03761dc50c6"
}
RESPONSE 400
200
​
{
  "status_code": 400,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "error_type": "invalid_user_id",
  "error_message": "user_id format is invalid.",
  "error_url": "https://stytch.com/docs/api/errors/400"
}
RESPONSE 401
200
​
{
  "status_code": 401,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "error_type": "unable_to_auth_totp_code",
  "error_message": "The totp_code could not be authenticated.",
  "error_url": "https://stytch.com/docs/api/errors/401"
}
RESPONSE 429
200
​
{
  "status_code": 429,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "error_type": "too_many_requests",
  "error_message": "Too many requests have been made.",
  "error_url": "https://stytch.com/docs/api/errors/429"
}
RESPONSE 500
200
​
{
  "status_code": 500,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "error_type": "internal_server_error",
  "error_message": "Oops, something seems to have gone wrong, please reach out to support@stytch.com to let us know what went wrong.",
  "error_url": "https://stytch.com/docs/api/errors/500"
}