Cotter
  • πŸš€Getting Started
  • Features & Concepts
    • πŸ’¬Sign In with Email/Phone Number
    • πŸ”Sign In with Device
      • How it works
    • 🧬Sign In with WebAuthn
  • πŸ“ŒQuickstart Guides
    • All Guides & Tutorials
    • HTML – Sign in with Email/Phone
    • React – Sign in with Email/Phone
    • React – WebAuthn
    • β–² Next.js
    • Angular
    • Webflow
    • Bubble.io
    • Python SDK for a CLI
    • React Native – Sign in with Device
    • iOS – Sign in with Device
    • Flutter – Sign in with Device
  • πŸ“˜SDK Reference
    • Web
      • Sign In with Email/Phone Number
        • Customize the Form
        • Checking the email or phone before sending a verification code
        • Sending Code or Link via WhatsApp
        • Styling
        • Older SDK
          • Customize the Form
      • Sign in with Social Login
        • Getting Access Tokens from Social Login Providers
        • Github Instructions
        • Google Instructions
      • Sign In with WebAuthn
        • Register WebAuthn for a logged-in user
      • Sign In with Device
        • Steps for Pop Up Authentication Prompt
        • Advanced Customization for Login Form
        • Advanced Customization for Pop Up Authentication Prompt
      • Getting Access Token and Logged-In User Info
      • Sending Successful Form Submission
      • FAQ & Troubleshooting
    • React Native
      • Installation
      • Sign In with Device
        • Add Email/Phone Verification
        • Authenticate from a Non-Trusted Device
        • Add a new Trusted Device
        • Remove Trusted Device
      • Sign In with Email/Phone Number
      • Getting Stored OAuth Tokens and User Information
      • FAQ
      • Older SDK Versions
        • Sign in with Email/Phone
        • Sending Code via WhatsApp
        • Sign In with Device
          • Authenticate from a Non-Trusted Device
          • Add a new Trusted Device
          • Customization
    • Flutter
      • Sign In with Device
        • Add Email/Phone Verification
        • Authenticate from a Non-Trusted Device
      • Sign in with Email/Phone Number
      • Getting the Logged-in User
      • Getting OAuth Tokens
      • Signing a User Out
    • iOS
      • Sign In with Email/Phone Number
      • Sign In with Device
        • Authenticate from a Non-Trusted Device
        • Push Notification
        • Check if Trusted Device is Enrolled
        • Add a New Trusted Device
        • Remove Trusted Device
      • Older Versions
        • Biometric/Pin
    • Android
      • Sign In with Device
        • Authenticate from a Non-Trusted Device
        • Check if Trusted Device is Enrolled
        • Add a new Trusted Device
        • Remove Trusted Device
        • Customization
      • Sign In with Email/Phone Number
      • Biometric/Pin
        • Advanced Methods
        • Customization
        • Setting Strings
        • Styling
      • Older SDK Version
        • Sign In with Device
          • Authenticate from a Non-Trusted Device
    • Python (for CLI)
    • API for Other Mobile Apps or CLI
      • Verify Email/Phone Number
        • Handling URL Scheme
    • Backend: Handling Response
  • πŸ›‘οΈ Protecting Your Account
    • Only Allow Your Website/App to Use Your API Key
    • Rate Limit
    • Enable reCAPTCHA to Protect Against Automated Abuse
  • πŸ—οΈ Getting Access Token
    • Cotter's OAuth 2.0 Tokens Specification
    • Getting the Tokens
      • Get Tokens during Authentication
      • Using the Refresh Token
    • Storing and Removing Tokens
    • Renewing Expired Tokens
    • Verifying JWT Tokens
    • Requesting Custom Fields on your JWT Token
    • Older API
      • Using HTTP Requests
      • Getting the Tokens
        • During Authentication
          • During Email/Phone Verification
        • During enrolling Trusted Devices
  • πŸ”ŒAPI Reference
    • User API
      • User Object
    • OAuth Tokens API
      • Verify JWT Token using API (serverless)
      • Requesting Custom Claims on your Access Token
      • Older API
    • OAuth Tokens from Social Login
    • Event Object
    • Reset PIN API
  • Older API
    • Validating Cotter's Identity Token
    • Validating Cotter's Event Response
Powered by GitBook
On this page
  • How it works
  • First Ever Sign Up
  • Subsequent Logins
  • Quickstarts
  • Guides
  1. Features & Concepts

Sign In with Email/Phone Number

Sign in faster using a magic link or OTP sent to users via email, SMS, or WhatsApp.

PreviousFeatures & ConceptsNextSign In with Device

Last updated 4 years ago

How it works

Users can authenticate using just their email or phone number. On their first time using Cotter, they will be prompted to enter a verification code or press a magic link

On subsequent authentication requests through any website, they will be able to instantly get verified without needing a verification code.

First Ever Sign Up

On their first ever signup to a website/app that uses Cotter, the user have to enter a verification code.

1. The user enter their email or phone number

2. They will receive a verification code or magic link to their email or phone number.

The user will then enter the verification code or press the magic link

3. We will return a response in the callback function with the user's email or phone number and a JWT token to verify that the user is authenticated.

✨At this point, we tie the user's browser or device with their email / phone number. When the user then sign up to another website that uses Cotter, the user don't need to re-verify their email or phone number. Instead, our website or SDK will check if we recognize the device with the credentials, and will automatically go to step 3 above.

Subsequent Logins

After the first signup, anytime the user need to sign-up or login to any website or app that uses Cotter, the user just needs to enter the email or phone number they want to use, and they'll be instantly verified.

1. The user enter their email or phone number

Currently our sessions lasts for 30 days. After 30 days, the user have to re-enter a verification code.

In the near future, we will allow you to check the last login timestamp and decide whether you'd like to send another verification code or not.

Quickstarts

Guides

Web

React Native

iOS

Android

Other Mobile Apps

2. The user is already verified, and can continue their registration or login

πŸ’¬
πŸŽ‰
Sign In with Email/Phone Number
Sign In with Email/Phone Number
Sign In with Email/Phone Number
Sign In with Email/Phone Number
Verify Email/Phone Number
First ever signup to a website/app that uses Cotter
On subsequent logins, the user don't need to enter verification code