POSTSend OTP
Send a one-time password (OTP) to a customer's primary mobile number to start mobile verification.
Sends an OTP to the customer's primary mobile number for verification. The response returns a transaction id and the OTP expiry timestamp; confirm the code the customer enters with the Verify OTP API.
Sample OTP SMS
134021 is the OTP to verify your mobile number.- Eko India
By default the OTP SMS is sent with the Eko India sender signature. To send it under your own company signature and Sender ID, register on a telecom DLT platform as described below.
DLT registration for your own Sender ID
1. Register as a Principal Entity
Register on any one telecom DLT platform, such as:
Submit the requested business KYC documents, typically:
- PAN and GST certificate
- Business registration proof
- Registered address proof
- Authorised signatory details
After approval, save your Principal Entity ID (PE ID).
2. Register a Sender ID
In the DLT portal, register a new SMS Header or Sender ID.
- Select the Others/Service header category — not Promotional.
- Choose a sender name related to your registered entity or authorised brand.
- Provide a justification or brand-authorisation document if the sender name differs from your legal entity name.
- Sender IDs are case-sensitive.
Save the approved Header Name and Header ID.
3. Register the OTP content template
Create a content template using:
| Field | Value |
|---|---|
| Communication type | Service Implicit |
| Channel | SMS |
| Language | English |
| Header | Your approved Sender ID |
Register the following template exactly (just change Eko India to your own company name):
{#var#} is the OTP to verify your mobile number.- Eko India
- Use your own company name instead of Eko India.
{#var#}represents the dynamically generated OTP.- Do not select Transactional unless the OTP is for a banking transaction performed by a bank.
4. Submit the approved details to Eko
Provide the following during API onboarding:
- Principal Entity ID
- Approved Sender ID/Header
- Header ID
- Content Template ID
- Exact approved template text
Body parameters
| Field | Type | Required | Description |
|---|---|---|---|
initiator_id | string | required | Registered mobile number of the API user (see Platform Credentials).e.g. 9962981729 |
client_ref_id | string | optional | Unique reference id per API call, generated by your system.e.g. REQ-20260101-001 |
csp_idCSP ID | string | required | Customer Service Point id of the agent/retailer the OTP is being sent on behalf of.e.g. 9002336768 |
mobileMobile Number | string | required | Customer's 10-digit primary mobile number to send the OTP to.e.g. 9002336768 |
initiator_idstringRequiredRegistered mobile number of the API user (see Platform Credentials).
example: 9962981729
client_ref_idstringoptionalUnique reference id per API call, generated by your system.
example: REQ-20260101-001
csp_idstringRequired· CSP IDCustomer Service Point id of the agent/retailer the OTP is being sent on behalf of.
example: 9002336768
mobilestringRequired· Mobile NumberCustomer's 10-digit primary mobile number to send the OTP to.
example: 9002336768
Headers
| Field | Type | Required | Description |
|---|---|---|---|
developer_key | string | required | Static API key issued to your account after KYC. |
secret-key | string | required | Dynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))). |
secret-key-timestamp | string | required | Current time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time. |
content-type | string | required | application/jsone.g. application/json |
developer_keystringRequiredStatic API key issued to your account after KYC.
secret-keystringRequiredDynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))).
secret-key-timestampstringRequiredCurrent time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time.
content-typestringRequiredapplication/json
example: application/json
Responses
statusnumberPrimary success indicator (0 = success).
messagestringHuman-readable response / error message.
response_status_idnumberGranular status id; see the shared error-codes table.
response_type_idnumberA unique id for every possible response shape (success or error) — useful for client logic branching and analytics.
dataobjectAPI-specific response payload.
client_ref_idstringUnique reference id for this OTP request, echoed back.
initiator_idstringRegistered mobile number of the API user that initiated the call.
otp_expiry_timestampstringTimestamp until which the OTP stays valid. Verify before this time.
tidstringUnique transaction id for this OTP send, for tracking and support.