Sign in with SMS OTP

POST

/signin/passwordless/sms

• Nhost Authentication API Server

Initiate passwordless authentication by sending a one-time password to the user’s phone number. If the user doesn’t exist, a new account will be created with the provided options.

Request Body ^required

Phone number and optional user options for SMS OTP authentication

object

phoneNumber

required

Phone number of the user

string

Example

+123456789

options

object

allowedRoles

Array<string>

Example

[
  "me",
  "user"
]

defaultRole

string

Example

user

displayName

string

<= 32 characters /^[\p{L}\p{N}\p{S} ,.'-]+$/

Example

John Smith

locale

A two or three characters locale

string

>= 2 characters <= 3 characters

Example

en

metadata

object

key

additional properties

any

Example

{
  "firstName": "John",
  "lastName": "Smith"
}

redirectTo

string format: uri

Example

https://my-app.com/catch-redirection

Responses

200

OTP sent to user’s phone number successfully

string

Allowed values: OK

default

An error occurred while processing the request

Standardized error response

object

status

required

HTTP status error code

integer

Example

400

message

required

Human-friendly error message

string

Example

Invalid email format

error

required

Error code identifying the specific application error

string

Allowed values: default-role-must-be-in-allowed-roles disabled-endpoint disabled-user email-already-in-use email-already-verified forbidden-anonymous internal-server-error invalid-email-password invalid-request locale-not-allowed password-too-short password-in-hibp-database redirectTo-not-allowed role-not-allowed signup-disabled unverified-user user-not-anonymous invalid-pat invalid-refresh-token invalid-ticket disabled-mfa-totp no-totp-secret invalid-totp mfa-type-not-found totp-already-active invalid-state oauth-token-echange-failed oauth-profile-fetch-failed oauth-provider-error invalid-otp cannot-send-sms provider-account-already-linked