POST /api/auth/send-otp
Send a one-time password (OTP) to a user’s email address.
This endpoint sends a one-time password (OTP) to the specified email address.
OTPs are typically used for email verification, password reset flows, or additional authentication steps.
When to use
- Before verifying an email address
- As part of a password reset flow
- For OTP-based authentication flows
Request
HTTP
POST /api/auth/send-otp
Content-Type: application/jsonRequest Body
{
"email": "user@example.com"
}Request Fields
| Field | Type | Required | Description |
|---|---|---|---|
| string | Yes | Target email address |
Response
Success (200 OK)
Response
{
"success": true,
"message": "OTP sent successfully"
}Errors
Invalid request (400)
Error
{
"success": false,
"message": "Email is required"
}Rate limited (429)
Error
{
"success": false,
"message": "Too many OTP requests"
}Notes
- OTPs are time-limited and expire automatically
- Only the latest OTP for an email is valid
- Email delivery depends on SMTP configuration
Related APIs
- POST
/api/auth/verify-otp– Verify OTP - POST
/api/auth/set-new-password– Reset password