WhatsApp verification API

One-time codes on WhatsApp, in two API calls.

Vylo OTP generates verification codes and delivers them to your users over WhatsApp — no SMS fees, no gateway to run. Send a code, verify it, done. You're billed only for messages that go out.

How it works

Three steps between you and a verified user.

1

You request a code

Your backend calls POST /otp/send with the user's phone number. We generate a secure random code and store only its hash.

2

We deliver on WhatsApp

The code is sent from your own connected WhatsApp number through our gateway. Your user reads it in WhatsApp and types it into your app.

3

You verify it

Your backend calls POST /otp/verify with the phone + code. We confirm it (single-use, time-limited) and you're done.

Quick start

Authenticate with your API key (starts with otpsk_) in the Authorization header. Server-side only — never ship the key to a browser or app.

# 1) Send a code
curl -X POST https://otp.vylo-tech.com/otp/send \
  -H "Authorization: Bearer otpsk_YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"phone":"9647501234567"}'

# 2) Verify what the user typed
curl -X POST https://otp.vylo-tech.com/otp/verify \
  -H "Authorization: Bearer otpsk_YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"phone":"9647501234567","code":"482913"}'

Endpoints

MethodPathWhat it does
POST/otp/sendGenerate + deliver a code to a phone.
POST/otp/verifyCheck the code the user entered.
GET/usageYour send counts, cost, and balance.

The service, under the hood

A quick picture of what runs when you call the API.