This API generates a one-time password (OTP) that the customer uses for multi-factor authentication (MFA). The API uses the session ID created by /mfa/token/generate.
OTP rate limiting
The number of OTPs that can be generated per mobile number is controlled by organization-level configuration settings:
- otpMaxCount: Maximum number of OTPs that can be generated for a mobile number within a specified time window.
- otpTimeOut: Time window (in minutes) for the OTP rate limit.
If both configurations are set, the API enforces the limit. If either configuration is not set (null), there is no rate limit, and OTPs can be generated without restriction.
If the rate limit is reached, further OTP generation requests for that mobile number are blocked until the time window resets.
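The rate-limit semantics described above, modelled locally as an added example (not Capillary's implementation and not code from this page). The class and function names are hypothetical, and the fixed-window reset is an assumption, since the page does not say whether the window is fixed or sliding.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class OtpRateLimiter:
    """Local model of the documented per-mobile OTP limit (hypothetical names)."""
    otp_max_count: Optional[int]   # models otpMaxCount
    otp_time_out: Optional[int]    # models otpTimeOut, in minutes
    _windows: dict = field(default_factory=dict)  # mobile -> (window_start_s, count)

    def enforced(self) -> bool:
        # The limit applies only when BOTH settings are present.
        return self.otp_max_count is not None and self.otp_time_out is not None

    def allow(self, mobile: str, now_s: float) -> bool:
        """Return True if an OTP may be generated for `mobile` at time `now_s`."""
        if not self.enforced():
            return True  # either setting is null: generation is unrestricted
        start, count = self._windows.get(mobile, (now_s, 0))
        # Assumption: a fixed window that opens at the first OTP and resets
        # otpTimeOut minutes later.
        if now_s - start >= self.otp_time_out * 60:
            start, count = now_s, 0
        if count >= self.otp_max_count:
            return False  # blocked until the window resets
        self._windows[mobile] = (start, count + 1)
        return True


def audit(config: dict) -> list:
    """Name the settings whose absence leaves OTP generation unthrottled."""
    return [k for k in ("otpMaxCount", "otpTimeOut") if config.get(k) is None]


def simulate(limiter: OtpRateLimiter, mobile: str, times_s: list) -> list:
    """Replay request times (seconds) for one mobile number."""
    return [limiter.allow(mobile, t) for t in times_s]


if __name__ == "__main__":
    # Constructed request times; the mobile number is the page's sample value.
    times = [0, 10, 20, 30, 599, 600, 610]
    print(simulate(OtpRateLimiter(3, 10), "18767431754", times))
    print(simulate(OtpRateLimiter(3, None), "18767431754", times))
    print(audit({"otpMaxCount": 3, "otpTimeOut": None}))
```

With only one of the two settings present the model allows every request, which is why a configuration review should treat a null in either setting as "no OTP throttling" for the organization.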
Prerequisites
- Access group resource: Write access to customer group resource. For more information on access control, see the access group documentation.
- Authentication: Basic or OAuth authentication details. For more information on authentication, see the Authentication documentation.
Example request
curl --location 'https://eu.api.capillarytech.com/auth/v1/mfa/otp/generate' \
--header 'Content-Type: application/json' \
--data '{
"identifierType":"MOBILE",
"identifierValue":"18767431754",
"deviceId": "1234",
"brand": "Bukl",
"sessionId": "P-b04c1001-ef08-4125-9886-f9d8b4c5d9b8"
}'
Resource information
| URI | /auth/v1/mfa/otp/generate |
| HTTP method | POST |
| Pagination supported? | NA |
| Rate limit | Controlled by organization-level configuration (see OTP rate limiting above) |
| Batch support | NA |
Request body parameters
| Parameter (Parameters marked with * are mandatory) | Data Type | Description |
|---|---|---|
| identifierType* | Enum | Customer identifier used for MFA token generation. Values: MOBILE, EMAIL, USERNAME, EXTERNALID. If you want to use external ID, external ID login must be enabled in the organisation settings. |
| identifierValue* | String | Value of the identifier. For example, if identifierType is MOBILE, the identifierValue is the mobile number. If you want to send the OTP to WhatsApp or Zalo, you need to raise a JIRA ticket to the sustenance team to define the related configurations and configure the templates. |
| deviceId* | String | Device ID of the customer that receives the OTP. |
| brand* | String | Name of the brand or organisation that needs verification. |
| sessionId* | String | Unique session ID created from the /mfa/token/generate API. |
Response parameters
| Parameter | Data Type | Description |
|---|---|---|
| status | object | Object containing status information. |
| success | boolean | Boolean indicating the status of the request. |
| code | integer | HTTP status code indicating the result. Example: 200 indicates success. |
| message | string | Message describing the status of the request. |
{
"status": {
"success": true,
"code": 200,
"message": "SUCCESS"
}
}