One Time Passwords

Customers of DailyStory can utilize their DailyStory email and SMS marketing settings to add one time password (OTP) support for their own applications.

What is a one time password?

A One-Time Password (OTP) is a security mechanism where a user is given a password (or numeric code) that is valid for only one login session or transaction. After it’s used—or after a short time window—it becomes invalid.

Important

The following content includes examples that use the DailyStory API. An API key is required.

Generating a One Time Password

Make an HTTP POST request to the Send One Time Password API end point. It must include either an email, mobile number or both. If both are present, it will default to an SMS first.

For example:

HTTP POST POST https://us-s.dailystory.com/api/v1/verification/?email=test@example.com&mobile=15551234567899 HTTP 200 OK { "Status": true, "Message": "", "Response": { "dsid": "3c095687f9c844d58826d5a4e994215d" } }

The recipient will receive an SMS or email with a 6 character OTP code that is valid for 15 minutes.

Validating a One Time Password

To validate a OTP you will need both the OTP code and the dsid associated with the OTP.

Make an HTTP GET request to the following API URL. In the example below the DSID is part of the URL and the otp that was received is passed in as a parameter:

For example, to verify the OTP 629316 for the dsid 3c095687f9c844d58826d5a4e994215d:

GET https://us-1.dailystory.com/api/v1/verification/3c095687f9c844d58826d5a4e994215d?otp=629316 HTTP 200 OK { "Status": true, "Message": "The OTP is valid.", "Response": {} }

If the OTP is invalid, or the validation fails:

HTTP 400 { "Status": false, "Message": "The OTP is invalid.", "Response": {} }