1. Phone Authentication
  • Overview
  • Application Guides
    • Frontend
      • Get Started - React App
      • Get Started - HTML and JS
      • Get Started - Angular JS
      • Get Started - Next JS App
    • Backend
      • Get Started - Node JS
      • Get Started - Golang
      • Get Started - ASP.NET
      • Get Started - JAVA
  • Dashboard
    • API Credentials
    • Organization
    • Social Login
    • Customize Email Template
    • Configure Custom Domain
    • IT Admin Portal
  • Authentication
    • Login Widget
    • Magic Link
    • Google Social Login
    • Multi-Factor Authentication
    • Single Sign-On Overview
    • Setup SSO Connection
  • Security
    • Overview
    • Authentication
      • Password Hashing and Storage
      • Multi-Factor Authentication Methods and Implementation
      • Session Management
    • Attack Protection
      • Bot Detection
      • Breached Password Detection
      • Brute Force Protection
      • Log Events
      • Secure JSON Web Tokens (JWT)
      • Secure OpenID Connect (OIDC)
      • Suspicious IP Throttling
    • Data Security
      • Data Encryption At Rest and In Transit
      • Secure Storage of Secrets (Keys, Credentials)
      • Sensitive Data Handling
    • Infrastructure
      • Security Considerations for Cloud Provider or Deployment Model
      • Threat Modeling
  • API References
    • Authentication
      • MagicLink
        • Email a Magic Link
        • Resend Email Magic Link
        • Verify Magic Link
        • Ping Status
      • Magic Auth Code
        • Email a Magic Auth Code
        • Resend Magic Auth Code
        • Verify Magic Auth Code
      • Phone Authentication
        • Send Magic Auth Code via SMS
          POST
        • Resend Magic Auth Code via SMS
          POST
        • Phone Magic Auth Verify
          POST
      • PassKey
        • Initiate Passkey Login
        • Passkey Registration Initialize
        • Finish Passkey Authentication
        • Complete Passkey Registration
        • Check User Passkey Authentication Status
        • List User PassKey Credentials
        • Update Passkey Name
        • Delete Associated Passkey
      • GET Auth Status
        GET
    • Token
      • Refresh Token
      • Access Token By Auth Code
    • Mutli-Factor Authentication (MFA)
      • MFA Access Token
      • List of Authenticators
      • MFA Enroll TOTP
      • Initiate MFA
      • QR Code Image API
      • Validate MFA Token
      • Get Backup Code
    • Role And Permission
      • List All Roles
      • List All Permission
      • Create New Role
      • Update Existing Role
      • Update Permission By Permission Id
      • Remove Organization Role By Role Id
      • Remove Organization Permission By Permission Id
    • User Management
      • List All Users
      • GET User By User Id
      • GET User by User Email Address
      • Create a User
      • Update User by User Id
      • Verify User Status By User Id
      • Delete User By User Id
      • Manage User Roles
      • GET Users Organizations
      • GET User Login Logs
    • Organization
      • Add New Organization
      • Get Organization
      • Get All Organization
      • Update Organization
      • Delete Organization
      • GET Configuration By Client Id
      • GET Configuration By Custom Domain
  1. Phone Authentication

Send Magic Auth Code via SMS

POST
https://api.ssojet.com/api/v1/auth/passwordless/phone-otp/send

Send Magic Auth Code via SMS#

This endpoint is used to send a one-time password (OTP) to the user's phone for passwordless authentication.

Request Body#

phone (string, required): The phone number of the user to whom the OTP will be sent.

Response#

state (string): The state parameter return in the response, it is used to track the status of a user authencation in the REST API. It helps in maintaining the user authencation context and monitoring its progress throughout the request lifecycle

Response Status Code#

200 OK: Magic link sent successfully.
400 Bad Request: Invalid email format.
500 Internal Server Error: An error occurred while processing the request.

Request

Query Params
client_id
string 
required
This identifies the application making the request to the SSOJET server. You can find your client ID on the API Keys page in the dashboard
Example:
string
Header Params
Content-Type
string 
required
Example:
application/json
User-Agent
string 
required
Example:
SSOJET API
Body Params application/json
phone_id
string 
required
Example
{
  "phone_id": "<The user phone number is used to send a one-time OTP (One-Time Password) for passwordless authentication>"
}

Request samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://api.ssojet.com/api/v1/auth/passwordless/phone-otp/send?client_id=string&client_id=' \
--header 'User-Agent: SSOjet/1.0.0 (https://ssojet.com)' \
--header 'Content-Type: application/json' \
--data-raw '{
    "phone_id": "<The user phone number is used to send a one-time OTP (One-Time Password) for passwordless authentication>"
}'

Responses

🟢200Send Magic Auth Code via SMS
application/json
Body
state_id
string 
required
Example
{
  "state_id": "646616daf9a276fa9a6446a1"
}
Previous
Verify Magic Auth Code
Next
Resend Magic Auth Code via SMS
Built with