WA.cr APP - API v2
  1. Authentication (OTP Verification)
WA.cr APP - API v2
  • API v2 Documentation
    • Account
      • Get Account Info
      • Get Usage Statistics
      • Get Plan Limits
    • Authentication (OTP Verification)
      • Send OTP/Verification Code
        POST
      • Resend OTP
        POST
      • Verify OTP
        POST
      • Check OTP Status
        POST
      • List Authentication Templates
        GET
    • Comments
      • Get Comments
      • Add Comment
    • Contacts
      • List Contacts
      • Create Contact
      • Get Contact
      • Update Contact
      • Delete Contact
      • Batch Create Contacts
      • Batch Delete Contacts
    • Groups
      • List Groups
      • Create Group
      • Get Group
      • Update Group
      • Delete Group
      • Add Contacts to Group
      • Remove Contacts from Group
    • Messages
      • Send Text Message
      • Send Template Message
      • Send Media Message
      • Send Interactive Message
      • List Messages
      • Get Message
    • Sources
      • List Sources
      • Create Source
      • Get Source
      • Update Source
      • Delete Source
    • Statuses
      • List Statuses
      • Create Status
      • Get Status
      • Update Status
      • Delete Status
    • Templates
      • List Templates
      • Sync Templates from WhatsApp
      • Get Template
  1. Authentication (OTP Verification)

Resend OTP

POST
/auth/resend
Resend a new OTP code to a phone number. This generates a new random 6-digit code and sends it via WhatsApp authentication template, invalidating any previous OTP for the same phone and purpose.
Internally, this endpoint generates a new code and delegates to the Send OTP logic, so the response format is identical to /auth/send-otp.
Required Scope: messages:send

Request Body#

FieldTypeRequiredValidationDescription
phonestringYesPhone number to resend OTP to
template_namestringYesAuthentication template name
languagestringNomax:10Template language code (default: en)
expiry_minutesintegerNomin:1, max:60Code expiry time in minutes (default: 10)
purposestringNomax:50OTP purpose (default: authentication)

Rate Limiting#

3 resend attempts per 5 minutes per phone number per tenant
Rate limit key: otp-resend:{tenant_id}:{phone}
Returns retry_after seconds when limit exceeded
More restrictive than the verify endpoint to prevent OTP spam

Behavior#

1.
Validates request fields
2.
Checks resend rate limit (3 per 5 min)
3.
Generates a new random 6-digit OTP code
4.
Delegates to the Send OTP logic (which handles template validation, contact lookup, WhatsApp sending, etc.)
5.
Previous OTP for the same phone/purpose is automatically deleted

Response#

Returns the same response format as /auth/send-otp (success with message_id, contact_id, phone, expiry info, etc.)

Error Responses#

StatusError CodeDescription
401UNAUTHORIZEDInvalid or missing API token
403INSUFFICIENT_SCOPEToken missing messages:send scope
422VALIDATION_ERRORRequest validation failed
429RATE_LIMIT_EXCEEDEDToo many resend attempts (3 per 5 min)
500INTERNAL_ERRORUnexpected server error
All error responses from /auth/send-otp also apply (template not found, not AUTHENTICATION category, WhatsApp not configured, etc.)

Validation Error Messages#

FieldMessage
phonePhone number is required
template_nameTemplate name is required

Request

Authorization
Bearer Token
Provide your bearer token in the
Authorization
header when making requests to protected resources.
Example:
Authorization: Bearer ********************
or
Header Params

Body Params application/json

Examples

Responses

🟢200
application/json
Successful response
Body

Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST '/auth/resend' \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data-raw '{
    "phone": "+919999999999",
    "template_name": "otp_verification",
    "language": "en",
    "expiry_minutes": 10,
    "purpose": "authentication"
}'
Response Response Example
{}
Modified at 2026-02-25 01:32:16
Previous
Send OTP/Verification Code
Next
Verify OTP
Built with