Skip to main content
POST
https://authproxy.turnkey.com/v1/otp_login_v2
X-Auth-Proxy-Config-Id
string
required
Your Auth Proxy config ID, found in Dashboard → AUTH. See Auth Proxy reference for setup.
verificationToken
string
required
Session containing a unique id, expiry, verification type, contact. Verification status of a user is updated when the token is consumed (in OTP_LOGIN requests)
publicKey
string
required
Client-side public key generated by the user, used as the session public key upon successful login.
clientSignature
object
required

clientSignature field

invalidateExisting
boolean
Invalidate all other previously generated Login sessions
organizationId
string
Unique identifier for a given Organization. If provided, this organization id will be used directly. If omitted, uses the verification token to look up the verified sub-organization based on the contact and verification type.
A successful response returns the following fields:
session
string
required
Session containing an expiry, public key, session type, user id, and organization id
curl --request POST \
  --url https://authproxy.turnkey.com/v1/otp_login_v2 \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --header "X-Auth-Proxy-Config-Id: <string> (see Authorizations)" \
  --data '{
    "verificationToken": "<string>",
    "publicKey": "<string>",
    "clientSignature": {
        "publicKey": "<string>",
        "scheme": "<CLIENT_SIGNATURE_SCHEME_API_P256>",
        "message": "<string>",
        "signature": "<string>"
    },
    "invalidateExisting": "<boolean>",
    "organizationId": "<string>"
}'

{
  "session": "<string>"
}