Skip to main content
One-Time Passwords (OTPs) are temporary codes for single use that can be delivered to users via email. OTPs expire after 5 minutes and can only be used once. OTPs can provide a more secure and convenient alternative to regular passwords. To use One-Time Passwords, they need to be enabled in the configuration:
  • nhost.toml
  • Dashboard
[auth.method.otp.email]
enabled = true
After the functionality has been enabled the flow is as follows:
  1. User requests an OTP:
  • javascript
  • dart
nhost.auth.signInOTPEmail({
  email: 'user@example.com'
})
  1. User receives an email with the OTP
  2. User enters the OTP
  • javascript
  • dart
nhost.auth.verifySignInOTPEmail({
  email: 'user@example.com',
  otp: '123456'
})
I