POST
/
{locale}
/
shop
/
auth
/
request-otp
curl -X POST "https://staging-api.loyalty.lt/en/shop/auth/request-otp" \
  -H "X-API-Key: your_api_key" \
  -H "X-API-Secret: your_api_secret" \
  -H "Content-Type: application/json" \
  -d '{
    "phone": "+37060000000",
    "type": "login"
  }'

{
  "success": true,
  "message": "OTP sent successfully",
  "data": {
    "phone": "+37060****000",
    "expires_at": "2024-01-15T10:35:00Z"
  }
}

Request OTP

Send an OTP (One-Time Password) code to a user’s phone number for authentication. This is the first step in the phone-based authentication flow.
OTP codes are valid for 5 minutes and can be requested up to 5 times per minute per phone number.

Request Body

phone
string
required
User’s phone number in international format (e.g., “+37060000000”)
type
string
required
Type of OTP request
  • login - For existing users
  • register - For new user registration
  • verify - For phone verification

Response

success
boolean
Indicates if the request was successful
message
string
Human-readable message about the operation
data
object
curl -X POST "https://staging-api.loyalty.lt/en/shop/auth/request-otp" \
  -H "X-API-Key: your_api_key" \
  -H "X-API-Secret: your_api_secret" \
  -H "Content-Type: application/json" \
  -d '{
    "phone": "+37060000000",
    "type": "login"
  }'

{
  "success": true,
  "message": "OTP sent successfully",
  "data": {
    "phone": "+37060****000",
    "expires_at": "2024-01-15T10:35:00Z"
  }
}

Next Steps

After successfully requesting an OTP:
  1. Verify OTP: Use the Login endpoint with the phone number and OTP code
  2. Handle Errors: Implement proper error handling for rate limits and validation errors
  3. User Experience: Show appropriate loading states and countdown timers

Login with OTP

Complete the authentication flow by logging in with the OTP code