Dokumentasi API

OTP Space cuma butuh dua API call: kirim OTP ke nomor WhatsApp pengguna, lalu verifikasi kode yang dimasukkan pengguna. Selesai.

Mau coba langsung di browser? Buka API Reference interaktif (Swagger UI) — paste kunci sk_live_* kamu dan kirim request betulan tanpa nulis kode. Trial 10 OTP gratis di akun baru bisa kamu pakai buat smoke test.

Quickstart

Daftarkan akun, ambil CLIENT_ID dan CLIENT_SECRET dari halaman API Keys, lalu mulai kirim:

# 1) Send OTP
curl -X POST https://api.otpspace.com/v1/otp/send \
  -H "Authorization: Bearer sk_live_xxx" \
  -H "Content-Type: application/json" \
  -d '{"phone":"6281234567890"}'

# 2) Verify code
curl -X POST https://api.otpspace.com/v1/otp/verify \
  -H "Authorization: Bearer sk_live_xxx" \
  -H "Content-Type: application/json" \
  -d '{"phone":"6281234567890","code":"123456"}'

Authentication

Setiap request harus menyertakan header Authorization: Bearer sk_live_xxx dengan client secret kamu.

Authorization: Bearer sk_live_xxxxxxxxxxxx

Endpoint

POST /v1/otp/send

Kirim OTP via WhatsApp (default) atau email. Set channel ke "email" dan isi tujuan email, atau kosongkan channel dan kanal disimpulkan dari tujuan. Field template_id, otp_length, expiry_seconds, dan metadata opsional.

// Request
{
  "phone": "6281234567890",
  "template_id": "default",
  "otp_length": 6,
  "expiry_seconds": 300
}

// Response 202
{
  "success": true,
  "data": {
    "otp_id": "otp_abc123def456",
    "phone": "6281234***90",
    "status": "queued",
    "expires_at": "2026-05-15T14:35:00Z"
  },
  "credits_remaining": 994
}

POST /v1/otp/verify

Verifikasi kode OTP yang dimasukkan pengguna (WhatsApp atau email).

// Request
{
  "phone": "6281234567890",
  "code": "482916"
}

// Response 200
{
  "success": true,
  "data": {
    "otp_id": "otp_abc123def456",
    "phone": "6281234***90",
    "channel": "whatsapp",
    "status": "verified",
    "verified_at": "2026-05-15T14:33:42Z"
  }
}

Kanal email

OTP Space juga bisa mengirim OTP lewat email seharga 0.2 kredit per kirim (WhatsApp 1 kredit). Pakai endpoint /v1/otp/send dan /v1/otp/verify yang sama — set channel ke "email" dan isi tujuan email. Selebihnya (rate limit, masa berlaku, verifikasi) sama persis dengan WhatsApp.

# Send an email OTP (0.2 credit)
curl -X POST https://api.otpspace.com/v1/otp/send \
  -H "Authorization: Bearer sk_live_xxx" \
  -H "Content-Type: application/json" \
  -d '{"channel":"email","email":"[email protected]"}'

// Response 202
{
  "success": true,
  "data": {
    "otp_id": "otp_9f2c1a8b7d6e",
    "destination": "u***@acme.com",
    "channel": "email",
    "status": "delivered",
    "expires_at": "2026-05-15T14:40:00Z"
  },
  "credits_remaining": 993.8
}

# Verify uses the same endpoint; pass the email as the destination
curl -X POST https://api.otpspace.com/v1/otp/verify \
  -H "Authorization: Bearer sk_live_xxx" \
  -H "Content-Type: application/json" \
  -d '{"email":"[email protected]","code":"482916"}'

GET /v1/otp/:otp_id

Cek status OTP tertentu.

// Response 200
{
  "success": true,
  "data": {
    "otp_id": "otp_abc123def456",
    "phone": "6281234***90",
    "status": "delivered",
    "created_at": "2026-05-15T14:30:00Z",
    "expires_at": "2026-05-15T14:35:00Z",
    "delivered_at": "2026-05-15T14:30:08Z",
    "verified_at": null
  }
}

GET /v1/otp/logs

Riwayat pengiriman OTP. Mendukung filter status, channel, phone, from, to, plus page dan per_page untuk pagination.

GET /v1/account/balance

Cek saldo kredit akun kamu.

// Response 200
{
  "success": true,
  "data": {
    "credits_remaining": 8420,
    "credits_used": 1580,
    "tier": "growth"
  }
}

Error codes

Kode Arti Cara handle
400 Bad Request Periksa format payload.
401 Unauthorized Client secret tidak valid.
402 Payment Required Saldo kredit habis. Lakukan top-up.
404 Not Found OTP ID tidak ditemukan.
410 Gone OTP sudah expired.
422 Unprocessable Nomor WhatsApp tidak valid atau tidak aktif.
429 Too Many Requests Rate limit tercapai. Coba lagi setelah beberapa detik.
500 Server Error Coba ulang dengan backoff. Hubungi support jika persisten.

Webhook

Akan datang di Phase 2. Kamu akan bisa daftarkan URL untuk menerima notifikasi event OTP secara real-time (delivered, verified, expired, failed).