Docs

Email OTP

The Email OTP plugin allows user to sign-in, verify their email, or reset their password using a one-time password (OTP) sent to their email address.

Installation

Add the plugin to your auth config

To enable email otp in your app, you need to add the emailOTP plugin to your auth config.

auth.ts
import { betterAuth } from "better-auth"
import { emailOTP } from "better-auth/plugins"
 
export const auth = betterAuth({
    // ... other config options
    plugins: [
        emailOTP({ 
                async sendVerificationOTP({ email, otp, type}) { 
					// Implement the sendVerificationOTP method to send the OTP to the user's email address
				}, 
        }) 
    ]
})

Add the client plugin

auth-client.ts
import { createAuthClient } from "better-auth/client"
import { emailOTPClient } from "better-auth/client/plugins"
 
const authClient =  createAuthClient({
    plugins: [
        emailOTPClient()
    ]
})

Usage

Send OTP

First, send an OTP to the user's email address.

example.ts
const { data, error } = await authClient.emailOtp.sendVerificationOtp({
    email: "user-email@email.com",
    type: "sign-in" // or "email-verification", "forget-password"
})

SignIn with OTP

Once the user provides the OTP, you can sign in the user using the signIn.emailOTP() method.

example.ts
const { data, error } = await authClient.signIn.emailOtp({
    email: "user-email@email.com",
    otp: "123456"
})

If the user is not registered, they'll be automatically registered. If you want to prevent this, you can pass disableSignUp as true in the options.

Verify Email

To verify the user's email address, use the verifyEmail() method.

example.ts
const { data, error } = await authClient.emailOtp.verifyEmail({
    email: "user-email@email.com",
    otp: "123456"
})

Reset Password

To reset the user's password, use the resetPassword() method.

example.ts
const { data, error } = await authClient.emailOtp.resetPassword({
    email: "user-email@email.com",
    otp: "123456",
    password: "password"
})

Options

  • sendVerificationOTP: A function that sends the OTP to the user's email address. The function receives an object with the following properties:
    • email: The user's email address.
    • otp: The OTP to send.
    • type: The type of OTP to send. Can be "sign-in", "email-verification", or "forget-password".

Example

auth.ts
import { betterAuth } from "better-auth"
 
export const auth = betterAuth({
    plugins: [
        emailOTP({
            async sendVerificationOTP({
                email,
                otp,
                type
            }) {
                if (type === "sign-in") {
                    // Send the OTP for sign-in
                } else if (type === "email-verification") {
                    // Send the OTP for email verification
                } else {
                    // Send the OTP for password reset
                }
            },
        })
    ]
})
  • otpLength: The length of the OTP. Defaults to 6.
  • expiresIn: The expiry time of the OTP in seconds. Defaults to 300 seconds.
auth.ts
import { betterAuth } from "better-auth"
 
export const auth = betterAuth({
    plugins: [
        emailOTP({
            otpLength: 8,
            expiresIn: 600
        })
    ]
})

  • sendVerificationOnSignUp: A boolean value that determines whether to send the OTP when a user signs up. Defaults to false.

  • disableSignUp: A boolean value that determines whether to prevent automatic sign-up when the user is not registered. Defaults to false.

  • generateOTP: A function that generates the OTP. Defaults to a random 6-digit number.

Magic link

Magic link plugin

Passkey

Passkey

Edit on GitHub

On this page