OTPs
An OTP (One-Time Password) represents a single-use code, typically linked to a permission associated with a resource such as a phygital token, POAP event, or guestbook event.
OTP codes authenticate specific actions, and are generated through querying valid Refs. Depending on the type of the OTP, the endpoint to redeem the associated resource may vary.
The createdAt time of an OTP can also be used to validate taps server-side: the frontend can query a ref, and pass it back to the server to authenticate that the tap was performed within a valid time window. This is useful for preventing replay attacks when links from taps are shared.
Get an OTP
Fetch information for a given OTP by its ID.
Request
GET /otps/:idResponse
{
"otp": "some-otp-code",
"isExpired": false,
"expiresAt": "2023-09-06T20:20:39.827Z",
"createdAt": "2023-09-06T19:20:39.827Z",
"type": "PHYGITAL_CLAIM",
"linkedToken": {
"contractAddress": "0x067f20be8e84c8fed733578e7249ea911111111",
"chainId": 1,
"tokenId": "1"
}
}| Field | Description | Type |
|---|---|---|
otp | The OTP code itself | string |
isExpired | Whether the OTP code has expired | boolean |
expiresAt | Timestamp indicating when the OTP expires | string |
createdAt | Timestamp indicating when the OTP was created | string |
type | The type of OTP, such as "PHYGITAL_CLAIM", "POAP_EVENT", or "GUESTBOOK_EVENT" | string |
linkedToken | If the OTP is linked to a Digital Twin NFT, this object provides related token information | LinkedToken? |
linkedToken.contractAddress | The smart contract address for the linked token | string |
linkedToken.chainId | The blockchain chain ID for the linked token | number |
linkedToken.tokenId | The token ID for the linked token | string |
poapEvent | If the OTP is linked to a POAP event, this object provides information about the POAP event | PoapEvent? |
poapEvent.id | ID of the linked POAP event | number |
poapEvent.poapEventId | POAP ID of the linked POAP event | number |
poapEvent.status | Status of the POAP event ("pending-approval", "future", "active", "expired", "rejected") | StatusEnum |
guestbookEvent | If the OTP is linked to a guestbook event, this object provides information about the event | GuestbookEvent? |
guestbookEvent.id | ID of the linked guestbook event | number |
guestbookEvent.name | Name of the linked guestbook event | string |
guestbookEvent.contractAddress | The smart contract address for the linked guestbook event | string |
guestbookEvent.chainId | The blockchain chain ID for the linked guestbook event | number |
guestbookEvent.tokenId | The token ID for the linked guestbook event | string |
guestbookEvent.createdAt | Timestamp indicating when the guestbook event was created | string |
Delete an OTP
Delete a given OTP by its ID. After deletion, the OTP will no longer be valid and requests to GET /otps/:id will return a 404.
Request
DELETE /otps/:idHeaders
| Header | Value | Required |
|---|---|---|
x-iyk-api-key | API key for user | Yes |
Response
{
"success": true
}