PHPackages otpless/otpless-auth-sdk - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. otpless/otpless-auth-sdk ActiveLibrary otpless/otpless-auth-sdk ======================== SDK for Backend PHP SDK for resolving idToken and more. 1.21.0(1y ago)0774↓50%1[1 issues](https://github.com/otpless-tech/otpless-php-auth-sdk/issues)MITPHP Since Oct 16Pushed 1y agoCompare [ Source](https://github.com/otpless-tech/otpless-php-auth-sdk)[ Packagist](https://packagist.org/packages/otpless/otpless-auth-sdk)[ RSS](/packages/otpless-otpless-auth-sdk/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (3)Versions (20)Used By (0) Merchant Integration Documentation(Backend PHP Auth SDK) ======================================================== [](#merchant-integration-documentationbackend-php-auth-sdk) --- > ## A. OTPLessAuth Dependency > > [](#a-otplessauth-dependency) > > install Below dependency in your project's ``` composer require otpless/otpless-auth-sdk ``` you can also get latest version of dependency at --- > ## B. OTPLessAuth class > > [](#b-otplessauth-class) The `OtplessAuth` class provides methods to integrate OTPLess authentication into your PHP backend application. This documentation explains the usage of the class and its methods. ### Methods: [](#methods) --- > ### 1. decodeIdToken > > [](#1-decodeidtoken) --- This method help to resolve `idToken(JWT token)` which is issued by `OTPLess` which return user detail from that token also this method verify that token is valid, token should not expired and issued by only `otpless.com` ##### Method Signature: [](#method-signature) ``` decodeIdToken(id_token, client_id, client_secret, audience=None) ``` #### Method Params: [](#method-params) ParamsData typeMandatoryConstraintsRemarksidTokenStringtrueidToken which is JWT token which you get from `OTPLess` by exchange code APIclientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return) Return: Object Name: UserDetail ``` {'success': True, 'auth_time': 1697649943, 'phone_number': '+9193******', 'email': 'dev***@gmail.com', 'name': 'Devloper From OTP-less', 'country_code': '+91', 'national_phone_number': '9313******'} ``` > ### 2. verify code > > [](#2-verify-code) --- This method help to resolve `code` which is return from `OTPLess` which will return user detail from that code also this method verify that code is valid, code should not expired and issued by only `otpless.com` ##### Method Signature: [](#method-signature-1) ``` verifyCode(code, client_id, client_secret) ``` #### Method Params: [](#method-params-1) ParamsData typeMandatoryConstraintsRemarkscodeStringtruecode which you get from `OTPLess`clientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return-1) Return: Object Name: UserDetail ``` {'success': True, 'auth_time': 1697649943, 'phone_number': '+9193******', 'email': 'dev***@gmail.com', 'name': 'Devloper From OTP-less', 'country_code': '+91', 'national_phone_number': '9313******'} ``` > ### 3. Verify Auth Token > > [](#3-verify-auth-token) --- This method help to resolve `token` which is issued by `OTPLess` which return user detail from that token also this method verify that token is valid, token should not expired and issued by only `otpless.com` ##### Method Signature: [](#method-signature-2) ``` verifyToken(token, client_id, client_secret) ``` #### Method Params: [](#method-params-2) ParamsData typeMandatoryConstraintsRemarkstokenStringtruetoken which you get from `OTPLess`clientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return-2) Return: Object Name: UserDetail ``` {'success': True, 'auth_time': 1697649943, 'phone_number': '+9193******', 'email': 'dev***@gmail.com', 'name': 'Devloper From OTP-less', 'country_code': '+91', 'national_phone_number': '9313******'} ``` --- > ### 4. Generate Magic link > > [](#4-generate-magic-link) --- The Authorization Endpoint initiates the authentication process by sending a `magic link` to the user's WhatsApp or email, based on the provided contact information. This link is used to verify the identity of the user. Upon the user's action on this link, they are redirected to the specified URI with an authorization code included in the redirection. ##### Method Signature: [](#method-signature-3) ``` generateMagicLink(mobile_number, email, client_id, client_secret,redirect_uri,channel) ``` #### Method Params: [](#method-params-3) ParamsData typeMandatoryConstraintsRemarkschannelStringfalseif no channel given WHATSAPP is chosen as defaultWHATSAPP/SMSmobile\_numberStringfalseAt least one requiredThe user's mobile number for authentication in the format: country code + number (e.g., 91XXXXXXXXXX)emailStringfalseAt least one requiredThe user's email address for authentication.redirect\_uriStringtrueThe URL to which the user will be redirected after authentication. This should be URL-encodedclientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return-3) Return: Object Name: RquestIds ``` {"requestIds":[{"type":"MOBILE","value":"ac48690347c24c0b8b54270590392b2a"}],"success":true} ``` ### Example of usage [](#example-of-usage) ``` require '../vendor/autoload.php'; use Otpless\OTPLessAuth; // Your ID token to decode $token = 'your token here'; $clientId = 'your client id here'; $clientSecret = 'your client secret here'; // Initialize the library class $auth = new OtplessAuth(); $auth->verifyToken($token,$clientId,$clientSecret); ``` > ### 5. Send OTP > > [](#5-send-otp) This method help to send OTP to your users and OTP issued by only `otpless.com` ``` sendOtp(phoneNumber, email, orderId, expiry, hash, clientId, clientSecret, otpLength, channel) ``` #### Method Params: [](#method-params-4) ParamsData typeMandatoryConstraintsRemarksphoneNumberStringtrueMobile Number of your usersemailStringtrueMail Id of your userschannelStringfalseWHATSAPP, SMShashStringtrueYour mobile application HashorderIdStringtrueUnique Order idexpiryIntfalseOTP expiry in secotpLengthStringfalseValues like 6 or 4clientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return-4) ``` {"success":true,"orderId":"V112444","refId":"108","message":"success"} ``` --- > ### 6. ReSend OTP > > [](#6-resend-otp) This method help to resend OTP to your users and OTP issued by only `otpless.com` ``` resendOtp(orderId, clientId, clientSecret) ``` #### Method Params: [](#method-params-5) ParamsData typeMandatoryConstraintsRemarksorderIdStringtrueUnique Order id(same as send method)clientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return-5) ``` {"success":true,"orderId":"V112444","refId":"108","message":"success"} ``` --- > ### 7. Verify OTP > > [](#7-verify-otp) This method help to Verify OTP to your users and OTP issued by only `otpless.com` ##### Method Signature: [](#method-signature-4) ``` verifyOtp(phoneNumber,email, orderId, otp, clientId, clientSecret) ``` #### Method Params: [](#method-params-6) ParamsData typeMandatoryConstraintsRemarksemailStringtrueMail Id of your usersphoneNumberStringtrueMobile Number of your usersorderIdStringtrueUnique Order idotpStringtrueEnter otp hereclientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret```` {"success":true,"isOTPVerified":true} ``` > ### 8. Send OTP V2 > > [](#8-send-otp-v2) This method help to send OTP to your users and OTP issued by only `otpless.com` ``` sendOtp(clientId, clientSecret, phoneNumber, email, expiry, hash, otpLength, channels, metadata) ``` #### Method Params: [](#method-params-7) ParamsData typeMandatoryConstraintsRemarksphoneNumberStringtrueMobile Number of your usersemailStringtrueMail Id of your userschannelListfalse\["WHATSAPP"\], \["SMS"\]hashStringfalseYour mobile application HashexpiryIntfalseOTP expiry in secotpLengthStringfalseValues like 6 or 4metadataObjectfalseclientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return-6) `200 OK` ``` { "requestId": "82b2891ce5394eeb837cc9d7850fef68" } ``` `4XX` ``` { "message": "Invalid Request", "description": "Request error: OTP Length is invalid. 4 and 6 only allowed" } ``` --- > ### 9. verify otp V2 > > [](#9-verify-otp-v2) ``` verifyOtp(clientId, clientSecret, requestId, otp) ``` #### Method Params: [](#method-params-8) ParamsData typeMandatoryConstraintsRemarksrequestIdStringtrueUnique requestId (from sendOTP)otpStringtrueOTPclientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return-7) `200 OK` ``` { "requestId": "bb85a5e777004c0fa1d4a5dc6f053cce", "isOTPVerified": true, "message": "OTP verified successfully" } ``` `4XX` ``` { "message": "Invalid Request", "description": "Request error: Invalid token/request Id" } ``` --- > ### 9. send magic link > > [](#9-send-magic-link) ``` generateMagicLink(clientId, clientSecret, phoneNumber, email, expiry, redirectURI, channels, metadata) ``` #### Method Params: [](#method-params-9) ParamsData typeMandatoryConstraintsRemarksphoneNumberStringtrueMobile Number of your usersemailStringtrueMail Id of your userschannelsListfalse\["WHATSAPP"\], \["SMS"\]redirectURIStringtrueredirect UrlexpiryIntfalseLink expiry in secmetadataObjectfalseclientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return-8) `200 OK` ``` { "requestId": "c4db2da14be94f44b2de64753ab8c30b" } ``` `4XX` ``` { "message": "Invalid Request", "description": "Request error: Invalid redirect URI" } ``` --- > ### 10. send otp link > > [](#10-send-otp-link) ``` generateOTPLink(clientId, clientSecret, phoneNumber, email, expiry, hash, otpLength, redirectURI, channels, metadata) ``` #### Method Params: [](#method-params-10) ParamsData typeMandatoryConstraintsRemarksphoneNumberStringtrueMobile Number of your usersemailStringtrueMail Id of your userschannelsListfalse\["WHATSAPP"\], \["SMS"\]redirectURIStringtrueredirect UrlexpiryIntfalseOTP and Link expiry in secotpLengthStringfalseValues like 6 or 4metadataObjectfalseclientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return-9) `200 OK` ``` { "requestId": "df0228c84de845d2ab1f377d0f407c68" } ``` `4XX` ``` { "message": "Invalid Request", "description": "Request error: Invalid phone number's channel" } ``` --- > ### 9. verify code > > [](#9-verify-code) ``` verifyCode(clientId, clientSecret, code) ``` #### Method Params: [](#method-params-11) ParamsData typeMandatoryConstraintsRemarksphoneNumberStringtrueMobile Number of your usersemailStringtrueMail Id of your userschannelsListfalse\["WHATSAPP"\], \["SMS"\]redirectURIStringtrueredirect UrlexpiryIntfalseLink expiry in secmetadataObjectfalseclientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return-10) `200 OK` ``` { "requestId": "7bb4738eXXXXXXXXXX", "message": "Code verified successfully", "userDetails": { "token": "7bXX4738eXXXXXXXXXX", "timestamp": "2024-05-29T14:09:42Z", "identities": [ { "identityType": "MOBILE", "identityValue": "9195XXXXXXXX", "channel": "WHATSAPP", "methods": ["WHATSAPP"], "name": "XXX", "verified": true, "verifiedAt": "2024-05-29T14:09:01Z" } ], "network": { "ip": "35.154.XX.XXX", "timezone": "Asia/Kolkata", "ipLocation": { "city": { "name": "Mumbai" }, "subdivisions": { "code": "MH", "name": "Maharashtra" }, "country": { "code": "IN", "name": "India" }, "continent": { "code": "AS" }, "latitude": 11.0748, "longitude": 22.8856, "postalCode": "123456" } }, "deviceInfo": { "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" } } } ``` `4XX` ``` { "message": "Expired", "description": "Request error: Token is expired" } ``` --- > ### 11. initiateOAuth > > [](#11-initiateoauth) ``` initiateOAuth(clientId, clientSecret, channels, redirectURI, expiry, metadata) ``` #### Method Params: [](#method-params-12) ParamsData typeMandatoryConstraintsRemarkschannelsListtrue\["WHATSAPP"\]redirectURIStringtrueredirect UrlexpiryIntfalseLink expiry in secmetadataObjectfalseclientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return-11) `200 OK` ``` { "requestId": "7bb4738e978XXXXXXX", "link": "whatsapp://send?phone=919XXXXXX&text=%E2%80%8E%E2%80%8C%E2%80%8E%E2%80%8E%E2%80%8E%E2%80%8C%E2%80%8D%E2%80%8B%E2%80%8B%E2%80%8B%E2%80%8D%E2%80%8C%E2%80%8E%E2%80%8B%E2%80%8B%E2%80%8ESend%20message%20to%20sign%20in" } ``` `4XX` ``` { "message": "Invalid Request", "description": "Request error: Invalid redirect URI" } ``` --- > ### 12. check status > > [](#12-check-status) ``` checkStatus($clientId, $clientSecret, $requestId) ``` #### Method Params: [](#method-params-13) ParamsData typeMandatoryConstraintsRemarksrequestIdStringtrueGot from Initiate OAUTH V2 APIclientIdStringtrueYour OTPLess `Client Id`clientSecretStringtrueYour OTPLess `Client Secret`#### Return [](#return-12) `200 OK` ``` { "token": "5b59fd875e6848d6bd1c97aefe83d8b5", "timestamp": "2024-05-30T08:12:18Z", "identities": [ { "identityType": "MOBILE", "identityValue": "9195XXXX3993", "channel": "WHATSAPP", "methods": ["WHATSAPP"], "name": "viKi!", "verified": true, "verifiedAt": "2024-05-30T08:11:24Z" } ], "network": { "ip": "13.235.XX.XXX", "timezone": "Asia/Kolkata", "ipLocation": { "city": { "name": "Mumbai" }, "subdivisions": { "code": "MH", "name": "Maharashtra" }, "country": { "code": "IN", "name": "India" }, "continent": { "code": "AS" }, "latitude": 11.0748, "longitude": 22.8856, "postalCode": "123456" } }, "deviceInfo": { "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" } } ``` `4XX` ``` { "message": "Invalid Request", "description": "Request error: Invalid token/request Id" } ``` ### Health Score 29 — LowBetter than 59% of packages Maintenance31 Infrequent updates — may be unmaintained Popularity16 Limited adoption so far Community7 Small or concentrated contributor base Maturity51 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~13 days Recently: every ~36 days Total 18 Last Release 713d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/15cbf5b83ced1b9c2651008e15d5674d491265086a9c5a3fec900105f4b4fa30?d=identicon)[OTPLESS\_2023](/maintainers/OTPLESS_2023) --- Top Contributors [![bobby0007](https://avatars.githubusercontent.com/u/112384256?v=4)](https://github.com/bobby0007 "bobby0007 (1 commits)") ### Embed Badge ![Health badge](/badges/otpless-otpless-auth-sdk/health.svg) ``` [![Health](https://phpackages.com/badges/otpless-otpless-auth-sdk/health.svg)](https://phpackages.com/packages/otpless-otpless-auth-sdk) ``` ### Alternatives [laravel/socialite Laravel wrapper around OAuth 1 & OAuth 2 libraries. 5.7k96.9M674](/packages/laravel-socialite)[civicrm/civicrm-core Open source constituent relationship management for non-profits, NGOs and advocacy organizations. 728272.9k20](/packages/civicrm-civicrm-core)[omniphx/forrest A Laravel library for Salesforce 2724.4M8](/packages/omniphx-forrest)[packbackbooks/lti-1p3-tool A library used for building IMS-certified LTI 1.3 tool providers in PHP. 51438.3k2](/packages/packbackbooks-lti-1p3-tool)[opentok/opentok OpenTok is a platform for creating real time streaming video applications, created by TokBox. 1413.0M10](/packages/opentok-opentok)[hoels/app-store-server-library-php The PHP server library for the App Store Server API and App Store Server Notifications. 44162.2k](/packages/hoels-app-store-server-library-php) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)