# Send email OTP Send a one-time passcode (OTP) by email to the given email address. Required permissions: apps:execute, [appId]:execute, auth:execute. Endpoint: POST /v1/auth/otp/email Security: ClientAccessToken ## Request fields (application/json): - `email` (string, required) Email of the user Example: "name@example.com" - `redirect_uri` (string, required) URI that will receive the authorization code. This is the server GET endpoint used to call the token endpoint, and should accept 'code' as a query parameter. This URI must also be configured as an allowed redirect URI in the Transmit Admin Portal. Example: "https://www.example.com/verify" - `create_new_user` (boolean) Indicates whether to create a new user at the end of the authentication flow if a user is not found for the provided email. If enabled, public signups must also be configured as allowed for the application. - `resource` (string) URI of the resource the request is attempting to access, which is reflected in the audience (aud claim) of the access token. This must be configured as resource for the application. - `email_content` (object) Texts, logo and color to render email template with - `email_content.subject` (string, required) The subject of the email - `email_content.primaryColor` (string) Primary color of the email, specified as a Hex color Example: "#6981FF" - `email_content.base64logo` (string) Base64 encoded image for email logo. The string length must be less than or equal to 20000 characters - `email_content.headerText` (string) The header of the email - `email_content.bodyText` (string) The body of the email - `email_content.linkText` (string) The text of the link button in the email - `email_content.infoText` (string) Any extra information in the email - `email_content.footerText` (string) The footer of the email Example: "If you didn't request this email, you can safely ignore it." - `email_content.senderName` (string) Name of the sender of the email - `require_mfa` (boolean) Require multi factor authentication for this authentication request. Example: true - `claims` (object) Used to request additional claims in the ID token, such as roles, permissions, and other user profile data. The structure is per the [OIDC Standard](https://openid.net/specs/openid-connect-core-1_0-final.html#ClaimsParameter). For supported claims and how to request custom claims, see the [ID Token Reference](https://developer.transmitsecurity.com/openapi/id_token_reference/). Example: {"id_token":{"roles":null}} - `client_attributes` (object) Client attributes - `client_attributes.user_agent` (string) - `client_attributes.ip_address` (string) - `org_id` (string) Organization ID, used for member login in B2B scenarios - `approval_data` (object) Flat object that contains the data that your customer should approve for a transaction signing or custom approval flow. It can contain up to 10 keys, and only alphanumeric characters, underscores, hyphens, and periods. It will be returned as a claim in the ID token upon successful authentication. Example: {"transaction_id":"eFII2y40uB9hQ98nXt3tc1IHkRt8GrRZiqZuRn_59wT","sum":"200"} ## Response 200 fields (application/json): - `message` (string, required) Example: "OTP email sent" - `approval_data` (object) Approval data object, if passed in the request. Example: {"transaction_id":"eFII2y40uB9hQ98nXt3tc1IHkRt8GrRZiqZuRn_59wT","sum":"200"} ## Response 400 fields (application/json): - `message` (array, required) Example: "Bad request" - `error_code` (number, required) Example: 400 ## Response 404 fields (application/json): - `message` (string, required) - `error_code` (number, required) Example: 404