Resend OTP
Overview
Resend one-time passwords (OTP) via email or SMS. Not applicable for authenticator app method since TOTP codes are generated on-demand.
Endpoint
POST /api/BPMSelfService/commands/ResendOtpCommand
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
userId | integer | Yes | User ID |
verificationMethodType | integer | Yes | Verification method: 1=Email, 2=SMS |
Note: verificationMethodType value 3 (Authenticator) is not supported for this endpoint since authenticator codes don't need to be resent.
Response
Successful Resend
{
"status": "success",
"message": "OTP resent successfully",
"data": {
"otpSent": true,
"maskedDestination": "a***@example.com",
"expiresIn": 300
}
}
Rate Limited
{
"status": "error",
"message": "Please wait before requesting another OTP",
"errorCode": "AUTH_008",
"retryAfter": 60
}
Rate Limiting
- Maximum 3 resend requests per 15 minutes per user
- Prevents abuse and spam
- Returns
retryAfterseconds to wait
Example Usage
C# Example
Code Removed
Implementation details removed for security.
Contact support for implementation guidance.
JavaScript Example
const response = await fetch('/api/BPMSelfService/commands/ResendOtpCommand', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
userId: 123,
verificationMethodType: 1 // Email
})
});
const result = await response.json();
if (result.status === 'success') {
console.log(`OTP sent to ${result.data.maskedDestination}`);
}
Error Responses
| Status | Error Code | Description |
|---|---|---|
| 400 | AUTH_006 | Invalid verification method (e.g., Authenticator) |
| 429 | AUTH_008 | Rate limit exceeded |
| 404 | AUTH_005 | User not found |
| 500 | AUTH_009 | Failed to send OTP (email/SMS service error) |