Explore Knowledge Base

OTP Configuration

02. 07. 2025

OTP configuration is separated for the following cases:

  • user self registration → ConfirmationCodeCategory.USER_REGISTRATION

  • login, change_login, password → ConfirmationCodeCategory.USER_AUTHENTICATION;

  • OTP confirmation for sensitive operations if enabled: -> ConfirmationCodeCategory.OPERATION

For testing purposes, OTP can be configured as static using the following parameters (instead 1111 any status value can be used):

confirmation-code:
static-otp:
enabled: true
code: 1111

Overall configuration settings for OTP:

users:
registration:
confirmation-code:
static-otp:
enabled: ${USER_REGISTRATION_STATIC_OTP_ENABLED:false}
code: ${USER_REGISTRATION_STATIC_OTP_CODE:1111}
length: 6
ttl: 86400
resend-delay: 60
maxAttempts: 3
authentication:
confirmation-code:
static-otp:
enabled: ${USER_REGISTRATION_STATIC_OTP_ENABLED:false}
code: ${USER_REGISTRATION_STATIC_OTP_CODE:1111}
length: 6
ttl: 86400
resend-delay: 60
maxAttempts: 3
confirmation:
code:
static-otp:
enabled: ${CONFIRMATION_STATIC_OTP_ENABLED:false}
code: ${CONFIRMATION_STATIC_OTP_CODE:1111}
length: 6
ttl: 86400
resend-delay: 60
maxAttempts: 3

Sending provider configuration

If static OTP is disabled, it is necessary to configure the sending provider. Otherwise, an OTP will be generated but not sent.

The system supports Amazon SNS or Twilio out of the box for this purpose.

The setup process consists of two parts:

  • SMS provider type setup

  • provider configuration setup

SMS provider type setup

notifications:
sms:
enabled: false
message: 'The notification via sms is disabled. For more information, please contact your administrator.'
sender: 'SDKFinance'
provider: 'amazonSmsSender' # possible options: logSmsSender, amazonSmsSender, twilioSmsSender

Provider configuration setup

To configure Amazon SNS, specify the following parameters:

notifications:
sms:
amazon-sns:
region: 'eu-west-1'
accessKeyId: 'YOUR_ACCESS_KEY_ID'
secretKey: 'YOUR_SECRET_ACCESS_KEY'
smsMaxPrice: 1.00000

To configure Twillio, specify the following parameters:

notifications:
sms:
twilio-integration:
from_phone_number: '...'
account_cid: '...'
auth_token: '...'
region: '' # optional
edge: '' # optional