# One-Time Login

Log in users using one-time login methods like magic links or OTPs. This implements a frontend integration for authentication, where the client obtains an authorization code that your app can exchange in the backend for user tokens.


## Servers

Sandbox environment
```
https://api.sbx.transmitsecurity.io/cis
```

Production environment (US)
```
https://api.transmitsecurity.io/cis
```

Production environment (EU)
```
https://api.eu.transmitsecurity.io/cis
```

Production environment (CA)
```
https://api.ca.transmitsecurity.io/cis
```

Production environment (AU)
```
https://api.au.transmitsecurity.io/cis
```

## Security

### bearer

Type: http
Scheme: bearer
Bearer Format: JWT

### UserAccessToken

A token returned upon end-user authentication, which provides access to resources and data for the user and app for which it was generated.

Type: http
Scheme: bearer
Bearer Format: JWT

### AdminAccessToken

A token generated by a management application using the [token endpoint](/openapi/token.openapi/other/getaccesstoken). It provides access to all resources for the tenant and its apps.

Type: oauth2

### ClientAccessToken

A token generated by an end-user application using the [token endpoint](/openapi/token.openapi/other/getaccesstoken). It provides access to resources and data on the tenant level or associated with the specific application (but not other apps in the tenant).

Type: oauth2

### OrgAdminAccessToken

A token returned upon B2B authentication for a user that has the organizationAdmin or organizationCreator role.

Type: oauth2

## Download OpenAPI description

[One-Time Login](https://developer.transmitsecurity.com/_bundle/openapi/user/one-time-login.openapi.yaml)

## Other

### Send email link

 - [POST /v1/auth/links/email](https://developer.transmitsecurity.com/openapi/user/one-time-login.openapi/other/sendemail.md): Send a magic link by email to a user. Required permissions: apps:execute, [appId]:execute, auth:execute.

### Send email OTP

 - [POST /v1/auth/otp/email](https://developer.transmitsecurity.com/openapi/user/one-time-login.openapi/other/sendemailotp.md): Send a one-time passcode (OTP) by email to the given email address. Required permissions: apps:execute, [appId]:execute, auth:execute.

### Validate email OTP

 - [POST /v1/auth/otp/email/validation](https://developer.transmitsecurity.com/openapi/user/one-time-login.openapi/other/validateemailotp.md): Validate a one-time passcode sent by email to a user. The endpoint will return a URI which can be used to redirect the client in order to complete authentication. Required permissions: apps:execute, [appId]:execute, auth:execute.

### Send SMS OTP

 - [POST /v1/auth/otp/sms](https://developer.transmitsecurity.com/openapi/user/one-time-login.openapi/other/sendsmsotp.md): Send a one-time passcode (OTP) by SMS to the given phone number. Required permissions: apps:execute, [appId]:execute, auth:execute.

### Validate SMS OTP

 - [POST /v1/auth/otp/sms/validation](https://developer.transmitsecurity.com/openapi/user/one-time-login.openapi/other/validatesms.md): Validate a one-time passcode sent by SMS to a user. The endpoint will return a URI which can be used to redirect the client in order to complete authentication. Required permissions: apps:execute, [appId]:execute, auth:execute.

### Logout

 - [POST /v1/auth/logout](https://developer.transmitsecurity.com/openapi/user/one-time-login.openapi/other/logout.md): Log out the user from a specific session. The user and session are derived from the access token used to authorize the request (which was issued based on the authentication that created the session).

### Exchange code for token (deprecated)

 - [POST /v1/token](https://developer.transmitsecurity.com/openapi/user/one-time-login.openapi/other/tokenexchange.md): Retrieve ID and access tokens. This API is used to retrieve ID and access tokens using the code that was returned in the redirect URI as a query parameter (for example, when the user clicks a magic link). It may also create a new user if create_new_user was set to true in the send request and no user exists for the email address or phone number (depending on the flow).

