OTP API
One-Time Password
API
Send secure one-time passwords via SMS and WhatsApp. Perfect for two-factor authentication, account verification, and transaction confirmation.
Simple OTP Flow
Generate and send OTPs with just a few lines of code.
Send OTP
import Zavudev from '@zavudev/sdk';
import crypto from 'crypto';
const zavu = new Zavu('YOUR_API_KEY');
// Generate a secure 6-digit OTP
const otp = crypto.randomInt(100000, 999999).toString();
// Send via SMS (with WhatsApp fallback)
const message = await zavu.messages.send({
to: '+1234567890',
text: `Your verification code is: ${otp}. Valid for 10 minutes.`,
channel: 'auto', // Will try WhatsApp first, fall back to SMS
fallbackEnabled: true
});
// Store OTP hash with expiry for verification
// (Never store plain OTP - hash it!)OTP Features
Secure Generation
Cryptographically secure OTP codes generated on our servers.
Instant Delivery
OTPs delivered in seconds via SMS or WhatsApp.
Auto Expiry
Configurable expiry times from 1 to 60 minutes.
Rate Limiting
Built-in protection against brute force attacks.
Multi-Channel
Send OTPs via SMS or WhatsApp with fallback.
Compliance Ready
GDPR and SOC 2 compliant infrastructure.
OTP Best Practices
Use 6-digit codes for balance between security and usability
Set expiry times between 5-10 minutes
Implement rate limiting (max 3 OTP requests per 10 minutes)
Hash OTPs before storing - never store plain text
Lock accounts after 5 failed verification attempts
Use cryptographically secure random number generation
Invalidate OTP after successful verification
Allow users to request new OTP (with cooldown)
Ready to Implement OTP?
Start sending secure one-time passwords in minutes. Perfect for 2FA, verification, and authentication flows.