JavaScript: Verify and log in through OTP

Log in a user given a User supplied OTP or TokenHash received through mobile or email.

• The verifyOtp method takes in different verification types. If a phone number is used, the type can either be sms or phone_change. If an email address is used, the type can be one of the following: email, recovery, invite or email_change (signup and magiclink types are deprecated).
• The verification type used should be determined based on the corresponding auth method called before verifyOtp to sign up / sign-in a user.
• The TokenHash is contained in the email templates and can be used to sign in. You may wish to use the hash with Magic Links for the PKCE flow for Server Side Auth. See this guide for more details.

Parameters

• params

  (Required)

Examples

Verify Signup One-Time Password (OTP)

const \{ data, error \} = await supabase.auth.verifyOtp(\{ email, token, type: 'email'\})

Verify Sms One-Time Password (OTP)

const \{ data, error \} = await supabase.auth.verifyOtp(\{ phone, token, type: 'sms'\})

Verify Email Auth (Token Hash)

const \{ data, error \} = await supabase.auth.verifyOtp(\{ token_hash: tokenHash, type: 'email'\})