Home > API Reference > OTP Login Authentication

OTP Login Authentication

SigningHub supports second factor authentication using OTP via SMS at login time via the web site GUI.  Note this is different to OTP via SMS used in electronic signatures at the point of signing.  This specifically refers to using the second factor authentication for SigningHub system access.

To enable OTP via SMS second factor authentication see here.  It is an option in the Enterprise Role settings.

At least one SMS provider must be configured in SigningHub administration in order to use this functionality.

This API call is used to allow business applications to request an OTP via SMS to the user's mobile device for subsequent use in second factor authentication in the GUI.

Note the mobile number is an optional field.  If not supplied, SigningHub will attempt to send the OTP to the mobile number stored in the user's Profile settings.  If a mobile number is supplied in the call, then the OTP will be sent to this number, and any stored one under Profile settings will be ignored.

In the event that no mobile number is supplied, nor found under the user's Profile settings, an error will be returned.

https://api.signinghub.com/v3/authentication/otp

HTTP Verb

POST
Content-Type application/json

Accept

application/json
Authorization Bearer {access_token}
Request Body
{
   "mobile_number": "655675"
}

Status Code

Message

Response Body

200

OK


401 Unauthorized
{
    "Message": "Request authorization denied"
}
{
    "Message": "User authentication required"
}
403 Forbidden
{
    "Message": "You are not authorized to perform the requested operation"
}
{
    "Message": "Account is disabled"
}

400

Bad Request
{
    "Message": "Model state validation failed."
}

500

Internal Server Error

{
    "Message": "An internal server error occurred while processing the request"
}
  
 Explanation of parameters used in the request and response:

 Item Details
 Names
  Description
 Request Parameters
 access_token The access token obtained as a result of successful authentication. If "scope" parameter was used in authentication request, then this service requires the access token to be obtained using the credentials of an Enterprise admin whose enterprise role has the application integration privileges.
 mobile_number Mobile number of the user in case user do not have a mobile number already in his profile. SigningHub application will update the new phone number in the profile automatically. 
Response Parameters
 Message The service specific error message returned by the API. This message provides useful information about why the service has returned an error response.


See also
Authentication
Get Service Agreements
Kerberos Authentication
Revoke Refresh Tokens
Single Sign On Authentication
Get Public Authentication Profiles
Pre Login Authentication
Logout
SigningHub Admin APIs
Enterprise Management
Document Package
Document Workflow
Document Preparation
Document Processing
Account Management
Personal Settings
Appendix
Get SigningHub Admin Branding
Get SH Admin Branding Logo
Get SH Admin Branding Favicon
System Settings
Publish Workflow Completion Report
Get Profile Picture of Recipient
Get Enterprise Branding Logo
Get Enterprise Branding Favicon
OTP Verification