Stytch SMS OTP Authentication uses Stytch’s SMS OTP service to authenticate users through mobile phone verification. This method sends a one-time password (OTP) to your phone number, which you then use to verify your identity and mint a PKP.
Backend Required: This authentication method requires a backend service
that handles Stytch Email OTP operations. The auth service already has the
implementation in place with the /stytch/email/send-otp and
/stytch/email/verify-otp endpoints, but they are disabled by default. Simply
run your auth service at the configured URL to enable Stytch Email OTP
functionality.
Lit Auth Server URLs. Please refer to Auth
Services section.
1
Send OTP to Phone
Enter your phone number to receive a one-time password (OTP). The OTP will be sent via Stytch’s SMS service through your backend.
Add an extra layer of security to your account by setting up TOTP (Time-based One-Time Password) 2FA. This will allow you to use authenticator apps like Google Authenticator, Authy, or 1Password for future logins.See TOTP 2FA for more details.
4
Get or Mint a PKP
You can select an existing PKP associated with your account or mint a new one.
Copy
Ask AI
const res = await litClient.authService.mintWithAuth({ authData: authData,});
5
Generate Auth Context
Use your PKP’s public key to create an AuthContext. This method will cache two things:
session key pair - a temporary cryptographic key pair generated on the client side that acts as a temporary identity for the client application. It consists of:
A public key - shared with the Lit nodes
A secret key (private key) - kept securely on the client
Delegation AuthSig aka. the inner auth sig - a cryptographic attestation from the Lit Protocol nodes that authorises your session key to act on behalf of your PKP.
