> ## Documentation Index
> Fetch the complete documentation index at: https://docs.onboard.xyz/llms.txt
> Use this file to discover all available pages before exploring further.

# Generate OTP for 2FA actions

Generates a one-time password (OTP) for actions requiring two-factor authentication (2FA), such as:

* Adding or updating a payment method
* Updating account security settings (e.g. enabling passkeys & TOTP)

This OTP does not grant authentication access but is instead used to verify sensitive operations within an authenticated session.

<Note>For OTPs used for authentication (sign-in/sign-up), refer to the [`Verify auth OTP`](/api-reference/onboard-connect/users/api-user-creation/verify-user-auth-otp.mdx) endpoint.</Note>


## OpenAPI

````yaml get /users/me/send-otp
openapi: 3.0.3
info:
  version: 2.1.0
  title: Onboard External API Gateway
  description: >-
    **Introduction**

    API Gateway for Onboard


    This specification describes API endpoints that are available to the public
    internet via the API gateway. The different endpoints require different
    authentication schemes, see documentation for what applies to the operation
    you want to access.


    **Errors**

    Uses conventional HTTP response codes to indicate success or failure. In

    general:
     
    - `2xx` status codes indicate success. Codes in the

    - `4xx` range

    indicate a client error (e.g. required parameters, failed request etc.).

    - `5xx` status codes indicate a server error occurred.
  contact:
    name: Nestcoin TechOps
    email: techops@nestcoin.com
  license:
    name: UNLICENSED
servers:
  - url: https://external.dev.onboardpay.co
    description: Gateway for external API on staging environment.
security: []
tags:
  - name: users-onboardapi
    description: Endpoints available to for merchants liquidity automation
  - name: users-users
    description: User related endpoints
  - name: users-partners
    description: Partner related endpoints
  - name: users-admin
    description: Back office related endpoints
  - name: users-user2fa
    description: User 2fa related endpoints
  - name: users-usernotifications
    description: User notifications related endpoints
  - name: users-merchantnetwork
    description: Merchant network endpoints
  - name: users-userauth
    description: Authentication endpoints
  - name: users-userservice
    description: Service endpoints
  - name: users-webhook
    description: webhook endpoints
paths:
  /users/me/send-otp:
    get:
      tags:
        - users-users
      summary: Provide otp for user
      operationId: sendOtp
      parameters:
        - name: purpose
          in: query
          required: true
          schema:
            $ref: '#/components/schemas/OtpPurpose'
        - name: verificationChannel
          in: query
          required: false
          schema:
            $ref: '#/components/schemas/PhoneNumberVerificationChannel'
      responses:
        '200':
          description: Success
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OtpSendResponse'
        '400':
          description: Bad request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorMessageDto'
        '401':
          description: Unauthorized request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorMessageDto'
        '404':
          description: Not found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorMessageDto'
        '500':
          description: Server error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorMessageDto'
      security:
        - authToken: []
components:
  schemas:
    OtpPurpose:
      type: string
      description: the purpose of an otp
      enum:
        - SIGN_IN
        - DELETE_ACCOUNT
        - ADD_PAYMENT_METHOD
        - EDIT_PAYMENT_METHOD
        - CEX_ORDER_CONFIRMATION
        - PHONE_NUMBER_VERIFICATION
        - AUTHENTICATE_ACTION
        - WALLET_RECOVERY
        - WALLET_RESET
        - MFA_SETUP
    PhoneNumberVerificationChannel:
      type: string
      enum:
        - SMS
        - WHATSAPP
    OtpSendResponse:
      type: object
      properties:
        sent:
          type: boolean
        authSessionId:
          type: string
    ErrorMessageDto:
      description: >-
        Default error object for services. This gives consistent error object
        that all services may use.
      type: object
      required:
        - code
        - message
      properties:
        code:
          type: string
          description: Error code
          example: UNKNOWN_ERROR
        message:
          type: string
          description: Descriptive error message
          example: Request could not be completed due to an error
        data:
          type: object
          description: Additional data for this error message.
          additionalProperties: true
          properties: {}
      x-common-model: ErrorMessageDto
  securitySchemes:
    authToken:
      type: apiKey
      name: x-auth-token
      in: header

````