> ## Documentation Index
> Fetch the complete documentation index at: https://turnkey-0e7c1f5b-traian-remove-eip-712-note.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# OTP Login

> Login using an existing OTP Verification Token and a client-side signature. The signature's public key must match the public key contained within the OTP Verification Token.

export const NestedParam = ({parentKey, childKey, type, required, description, children}) => {
  const fullKey = `${parentKey}.${childKey}`;
  const anchorId = `body-${fullKey.replace(/\./g, '-')}`;
  return <div className="py-6 border-gray-100 dark:border-gray-800 border-b last:border-b-0">
  <div className="flex font-mono text-sm group/param-head param-head break-all relative" id={anchorId}>
    <div className="flex-1 flex content-start py-0.5 mr-5">
      <div className="flex items-center flex-wrap gap-2">
        <div className="absolute -top-1.5">
          <a href={`#${anchorId}`} className="-ml-[2.1rem] flex items-center opacity-0 border-0 group-hover/param-head:opacity-100 py-2 [.expandable-content_&]:-ml-[2.1rem]" aria-label="Navigate to header">
            <div className="w-6 h-6 text-gray-400 rounded-md flex items-center justify-center zinc-box bg-white ring-1 ring-gray-400/30 dark:ring-gray-700/25 hover:ring-gray-400/60 dark:hover:ring-white/20">
              <svg xmlns="http://www.w3.org/2000/svg" fill="gray" height="12px" viewBox="0 0 576 512">
                <path d="M0 256C0 167.6 71.6 96 160 96h72c13.3 0 24 10.7 24 24s-10.7 24-24 24H160C98.1 144 48 194.1 48 256s50.1 112 112 112h72c13.3 0 24 10.7 24 24s-10.7 24-24 24H160C71.6 416 0 344.4 0 256zm576 0c0 88.4-71.6 160-160 160H344c-13.3 0-24-10.7-24-24s10.7-24 24-24h72c61.9 0 112-50.1 112-112s-50.1-112-112-112H344c-13.3 0-24-10.7-24-24s10.7-24 24-24h72c88.4 0 160 71.6 160 160zM184 232H392c13.3 0 24 10.7 24 24s-10.7 24-24 24H184c-13.3 0-24-10.7-24-24s10.7-24 24-24z"></path>
              </svg>
            </div>
          </a>
        </div>
        <div className="font-semibold text-primary dark:text-primary-light cursor-pointer overflow-wrap-anywhere">
          <span className="text-gray-500 dark:text-gray-400">{parentKey}.</span>
          {childKey}
        </div>
        <div className="inline items-center gap-2 text-xs font-medium [&_div]:inline [&_div]:mr-2 [&_div]:leading-5">
          <div className="flex items-center px-2 py-0.5 rounded-md bg-gray-100/50 dark:bg-white/5 text-gray-600 dark:text-gray-200 font-medium break-all">
            <span>{type}</span>
          </div>
          {required && <span className="px-2 py-0.5 rounded-md bg-red-100/50 dark:bg-red-400/10 text-red-600 dark:text-red-300 font-medium whitespace-nowrap">
              required
            </span>}
        </div>
      </div>
    </div>
  </div>
  {children && <div className="mt-4">
      <div className="prose prose-sm prose-gray dark:prose-invert">
        {children}
      </div>
    </div>}
</div>;
};

export const H3Bordered = ({text}) => <h3 id={text.toLowerCase()} className="border-b pb-2.5 border-gray-100 dark:border-gray-800">
    {text}
  </h3>;

<div class="flex w-full flex-col bg-background-light dark:bg-background-dark border-standard rounded-2xl p-1.5 mb-4">
  <div class="flex items-center space-x-1.5">
    <div class="relative flex-1 flex gap-2 min-w-0 rounded-xl items-center cursor-pointer p-1.5 border-standard">
      <div class="rounded-lg font-bold px-1.5 py-0.5 text-sm leading-5 bg-blue-400/20 dark:bg-blue-400/20 text-blue-700 dark:text-blue-400">POST</div>
      <div class="text-sm font-mono text-gray-800 dark:text-white">[https://authproxy.turnkey.com/v1/otp\_login\_v2](https://authproxy.turnkey.com/v1/otp_login_v2)</div>
    </div>
  </div>
</div>

<H3Bordered text="Authorizations" />

<ParamField header="X-Auth-Proxy-Config-Id" type="string" required={true}>
  Your Auth Proxy config ID, found in **Dashboard → AUTH**. See [Auth Proxy reference](/reference/auth-proxy) for setup.
</ParamField>

<H3Bordered text="Body" />

<ParamField body="verificationToken" type="string" required={true}>
  Session containing a unique id, expiry, verification type, contact. Verification status of a user is updated when the token is consumed (in OTP\_LOGIN requests)
</ParamField>

<ParamField body="publicKey" type="string" required={true}>
  Client-side public key generated by the user, used as the session public key upon successful login.
</ParamField>

<ParamField body="clientSignature" type="object" required={true} path="clientSignature">
  <p>clientSignature field</p>

  <Expandable title="details">
    <NestedParam parentKey="clientSignature" childKey="publicKey" type="string" required={true} default="">
      The public component of a cryptographic key pair used to create the signature.
    </NestedParam>

    <NestedParam parentKey="clientSignature" childKey="scheme" type="enum<string>" required={true} default="">
      Enum options: `CLIENT_SIGNATURE_SCHEME_API_P256`
    </NestedParam>

    <NestedParam parentKey="clientSignature" childKey="message" type="string" required={true} default="">
      The message that was signed.
    </NestedParam>

    <NestedParam parentKey="clientSignature" childKey="signature" type="string" required={true} default="">
      The cryptographic signature over the message.
    </NestedParam>
  </Expandable>
</ParamField>

<ParamField body="invalidateExisting" type="boolean" required={false}>
  Invalidate all other previously generated Login sessions
</ParamField>

<ParamField body="organizationId" type="string" required={false}>
  Unique identifier for a given Organization. If provided, this organization id will be used directly. If omitted, uses the verification token to look up the verified sub-organization based on the contact and verification type.
</ParamField>

<H3Bordered text="Response" />

A successful response returns the following fields:

<ResponseField name="session" type="string" required={true}>Session containing an expiry, public key, session type, user id, and organization id</ResponseField>

<RequestExample>
  ```bash title="cURL" theme={null}
  curl --request POST \
    --url https://authproxy.turnkey.com/v1/otp_login_v2 \
    --header 'Accept: application/json' \
    --header 'Content-Type: application/json' \
    --header "X-Auth-Proxy-Config-Id: <string> (see Authorizations)" \
    --data '{
      "verificationToken": "<string>",
      "publicKey": "<string>",
      "clientSignature": {
          "publicKey": "<string>",
          "scheme": "<CLIENT_SIGNATURE_SCHEME_API_P256>",
          "message": "<string>",
          "signature": "<string>"
      },
      "invalidateExisting": "<boolean>",
      "organizationId": "<string>"
  }'
  ```
</RequestExample>

<ResponseExample>
  ```json 200 theme={null}
  {
    "session": "<string>"
  }
  ```
</ResponseExample>