SMS authentication enables users to authenticate their Turnkey account using their phone number via a 6-9 digit or bech32 alphanumeric one-time password (OTP). When authenticated, users receive an expiring API key stored in memory within an iframe, which functions like a session key to access their wallet.
INIT_OTP
- sends a 6-9 digit or bech32 alphanumeric OTP code to the specified phone numberVERIFY_OTP
- verifies the code and returns a verificationToken JWTOTP_LOGIN
- verified the verificationToken and returns a session JWTACTIVITY_TYPE_INIT_OTP
using the parent organization id with these parameters:
otpType
: specify "OTP_TYPE_SMS"
contact
: user’s phone numberemailCustomization
: optional parameters for customizing emailsuserIdentifier
: optional parameter for rate limiting SMS OTP requests per user.
We recommend generating this server-side based on the user’s IP address or public key.
See the OTP Rate Limits section below for more details.alphanumeric
: optional parameter for making this code bech32 alphanumeric or not. default: trueotpLength
: optional parameter for selecting the length of the OTP. default: 9expirationSeconds
: optional validity window (defaults to 5 minutes)ACTIVITY_TYPE_VERIFY_OTP
using the parent organization id which returns a verificationToken JWT:
otpId
: ID from the init activityotpCode
: the 6-9 digit or alphanumeric code received via emailexpirationSeconds
: optional validity window (defaults to 1 hour)ACTIVITY_TYPE_OTP_LOGIN
using the sub orgazanition ID associated with the contact from the first step:
publicKey
: public key to add to organization data associated with the signing key in IndexedDB or SecureStorage.verificationToken
: JWT returned from successfull VERIFY_OTP
activityexpirationSeconds
: optional validity window (defaults to 15 minutes)invalidateExisting
: optional boolean to invalidate previous login sessionsACTIVITY_TYPE_SET_ORGANIZATION_FEATURE
:
disableSmsAuth: true
in the CreateSubOrganizationIntentV7
activityACTIVITY_TYPE_REMOVE_ORGANIZATION_FEATURE
with feature name FEATURE_NAME_SMS_AUTH
userIdentifier
parameter is provided, the following limits are enforced:
userIdentifier