Sign In with One-Time Passwords
OTP one-time password passwordless email verification temporary code 2FA authentication codeOne-Time Passwords (OTPs) are temporary codes for single use that can be delivered to users via email. OTPs expire after 5 minutes and can only be used once. OTPs can provide a more secure and convenient alternative to regular passwords.
To use One-Time Passwords, they need to be enabled in the configuration:
[auth.method.otp.email]enabled = true
After the functionality has been enabled the flow is as follows:
- User requests an OTP:
nhost.auth.signInOTPEmail({ email: 'user@example.com'})nhost.auth.signInEmailOTP(email: "user@example.com");- User receives an email with the OTP
- User enters the OTP
nhost.auth.verifySignInOTPEmail({ email: 'user@example.com', otp: '123456'})nhost.auth.verifyEmailOTP(email: "user@example.com", otp: "123456");