# OTP SMS

Using OTP's (One Time Passwords) for Sign-up, Sign-in, and 2FA (Two Factor Authentication) has become quite mainstream. You know how it works. You send a code to the mobile number of your end user. They enter that code in your app. You verify whether it is the correct code and let the user sign-in or sign-up or do whatever.

The whole process involves a few steps in case you wish to roll it on your own. It's not very complicated, but you still need to wrangle some code.

1. **Random Code Generator:** A small script that generates a random 'time bound one time password (OTP)'.
2. **Send Script:** To trigger an OTP SMS based on user input. (Pro Tip: The OTP SMS needs to be delivered on the 'Transactional Route')
3. **Verify Script:** When a user sends you back the OTP, you need to verify it's correctness and expiry time bound (say 5 minutes).
4. **Database:** A DB table where you store the OTP sent along with the timestamp for later verification.
5. **Rate Limiting:** So that a rouge agent does not request too many SMS's that shoot up your bill.   &#x20;

### Happy and time saving news for you!&#x20;

The SMS module in Send With SES now comes with a '**OTP SMS Template'** to handle all the above for you. You edit the template to suit your requirement ...&#x20;

![](/files/aGOSbBjiYTS2lTfdCd1s)

... and then trigger the ***Send API*** ...&#x20;

```
// Send API
{
      "method": "POST",
      "url": "https://api.sendwithses.com/send-otp",
      "headers": {"template-key": "a2aa10a6S7SDRBzRODj09OkeXelA2"},
      "body": {
          "sender_id": "ABCDEF"
          "origination_number": "+449876543212"
          "mobile": "+449876543210",
       }
}
```

... followed by the ***Verify API***.

```
// Verify API
{
      "method": "POST",
      "url": "https://api.sendwithses.com/verify-otp",
      "headers": {"template-key": "a2aa10a6S7SDRBzRODj09OkeXelA2"},
      "body": {
          "mobile": "+449876543210"
          "otp": "123456",
       }
}
```

### Every SMS is transparently tracked along with the cost.

![](/files/GVmnleByeOOvkPynp6vQ)

### No Extra Charges.

Starting 1-Nov-2021, this feature has been enabled for all users. There are no extra charges for using the OTP SMS feature. You only pay the [SMS cost](https://aws.amazon.com/sns/sms-pricing/) that is charged directly by AWS to you.

#### Don't have a Send With SES account? You can [signup for the free plan](https://www.sendwithses.com).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sendwithses.com/how/send-sms/otp-sms.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.