Our API consists of two primary endpoints to send and verify an OTPs, as well as a number of other supporting endpoints for reporting and other advanced features:
This endpoint generates an OTP and sends it to a specified phone number.
phone_number: The mobile number to send the OTP to. Include country code with no prefix. (Required)
otp_length: The length of the Code. Must be between 3 and 8. (Default: 6)
otp_validity: The validity period for the OTP in seconds. Must be between 30 and 14400. (Default: 300)
template_order: The message template to use. Must be a valid number. (Default: 1)
force_send: Force send an OTP to a number with a valid OTP outstanding. (Default: False)
return_otp: Return the OTP value in the response. This is NOT compliant with regulations in many markets. (Default: False)
brand: Force a different brand name manually. This overrides account brand. (Default: From Account)
A successful request will return a JSON object with the following fields:
{
"message_id": "The ID of the sent message",
"status": "The status of the request",
"message": "A message describing the status or error of the request",
"date_sent": "The UTC timestamp when the OTP was sent",
"expires_at": "The UTC timestamp when the OTP expires",
"cost": "The cost of delivering this OTP of this mobile number",
"otp": "string"
}
This endpoint verifies a provided OTP if it matches the generated and sent one.
Request Parameters
message_id: The ID of the message to verify. (Recommended) otp: The code to verify. Must be between 3 and 8 digits. (Required)
phone_number: The mobile number you sent an OTP to. Allowed if message_id is not included. (Optional) A successful request will return a JSON object with the following fields:
{
"status": "The status of the code verification",
"reason": "A message describing the reason of a failed status. Ommitted on success."
"message": "A message describing the status of the verification process"
}
This endpoint extends the expiry time of an existing OTP.
Request Parameters
message_id: The ID of the message to extend. (Required)
duration: The number of seconds to extend the existing OTP validity. Same as otp_validity. (Required)
A successful request will return a JSON object with the following fields:
{
"status": "The status of the request",
"message": "A message describing the status or error of the request",
"expires_at": "The new UTC timestamp when the OTP expires"
}
This endpoint checks delivery report and if a sent OTP is still active or expired.
Request Parameters
message_id: The ID of the message to check. (Required)
A successful request will return a JSON object with the following fields:
{
"DLR": "The delivery report from the carrier or OTT provider",
"is_valid": "Whether the OTP is still active or not"
"expires_at": "The UTC timestamp when the OTP expires"
}
This endpoint checks delivery report and if a sent OTP is still active or expired.
Request Parameters
start_date: The start date of the report in YYY-MM-DD format. (Default: 7 days ago)
end_date: The end date of the report in YYY-MM-DD format. (Default: today)
page: The page number to fetch. Minimum 1. (Default: 1)
per_page: The number of items per page to fetch. Must be between 1 and 100. (Default: 10)
A successful request will return a JSON object with the following fields:
{
"transactions": [
{
"message_id": "The ID of the message",
"phone_number": "The mobile phone number",
"cost": 0,
"timestamp": "UTC timestamp",
"message_type": 0,
"description": "The description of this request",
"force_send": false,
"client_ip": "The IP address of the client which made this request",
"application": "The name of the application this API key is assigned to",
"created_at": "UTC timestamp"
}
]
}
200: Success. The request was successful.400: Bad request. The request could not be understood or was missing required parameters.401: Unauthorized. Authentication failed or user does not have permissions for the requested operation.402: Payment Required. User balance is insufficient.404: Not Found. No OTP record or message_id was not found.409: Conflict. OTP already active for the same phone number.500: Internal Server Error. An error occurred on the serverTo make it easier for you to get started, we’ve provided a Swagger-UI with OpenAPI specs of our API.
This interactive tool allows you to try out our API endpoints directly from your web browser. You can enter your API key, fill in the request parameters, and see the API responses in real time.
Want to test the API right now? Go to Swagger-UI
We hope you find our API easy to use and adds value to your business. Happy coding!
If you have any questions or run into any issues, please contact our support team at support@myotp.app.
We’re here to help!
The team at MyOTP.App came together with a shared passion for simplifying
and democratizing two-factor authentication, and we’ve been working tirelessly ever
since to provide the best possible service to our clients.
© 2025 My OTP App by Broadnet | All rights reserved
