API de verificare OTP
Ghid de integrare aplicație mobilă
Trimiteți parole de unică folosință prin SMS sau email și verificați-le din orice aplicație.
Acest endpoint necesită un token Bearer sau X-API-Token — generați o cheie API din Setări → Cheie API.
Trimite OTP
Generează un cod, îl trimite destinatarului și înregistrează încercarea. Limitat la un trimitere per 60 de secunde per destinatar.
Corp cerere
| Câmp | Tip | Descriere | |
|---|---|---|---|
| recipient | string | obligatoriu | Număr de telefon (format E.164) sau adresă de email. |
| channel | string | opțional | "sms" sau "email". Implicit: canalul configurat în Setări OTP. |
| lang | string | opțional | Codul limbii șablonului: en, ro, bg, fr, de, uk. Implicit "en". |
| ref_id | string | opțional | Referința ta opțională (ID comandă, sesiune…) — returnată în răspunsul de verificare. |
Exemplu cerere
cURL
curl -X POST "https://api.rcszilla.com/api/?endpoint=send_otp" \
-H "Authorization: Bearer YOUR-API-TOKEN" \
-H "Content-Type: application/json" \
-d '{"recipient":"+40700000000","channel":"sms","lang":"en","ref_id":"order_42"}'
PHP
$ch = curl_init('https://api.rcszilla.com/api/?endpoint=send_otp');
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode([
'recipient' => '+40700000000',
'channel' => 'sms',
'lang' => 'en',
'ref_id' => 'order_42',
]),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => ['Authorization: Bearer YOUR-API-TOKEN', 'Content-Type: application/json'],
]);
$result = json_decode(curl_exec($ch), true);
// $result = ['success' => true, 'otp_id' => 42]
Python
import requests
r = requests.post(
"https://api.rcszilla.com/api/",
params={"endpoint": "send_otp"},
json={"recipient": "+40700000000", "channel": "sms", "lang": "en", "ref_id": "order_42"},
headers={"Authorization": "Bearer YOUR-API-TOKEN"},
timeout=10,
)
print(r.json()) # {'success': True, 'otp_id': 42}
Node.js
const res = await fetch("https://api.rcszilla.com/api/?endpoint=send_otp", {
method: "POST",
headers: { "Authorization": "Bearer YOUR-API-TOKEN", "Content-Type": "application/json" },
body: JSON.stringify({ recipient: "+40700000000", channel: "sms", lang: "en", ref_id: "order_42" }),
});
const data = await res.json();
// data = { success: true, otp_id: 42 }
Ruby
require 'net/http'; require 'json'
uri = URI("https://api.rcszilla.com/api/?endpoint=send_otp")
req = Net::HTTP::Post.new(uri, 'Authorization' => 'Bearer YOUR-API-TOKEN', 'Content-Type' => 'application/json')
req.body = {recipient: '+40700000000', channel: 'sms', lang: 'en'}.to_json
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == 'https') { |h| h.request(req) }
puts JSON.parse(res.body)
Go
payload, _ := json.Marshal(map[string]string{"recipient": "+40700000000", "channel": "sms", "lang": "en"})
req, _ := http.NewRequest("POST", "https://api.rcszilla.com/api/?endpoint=send_otp", bytes.NewBuffer(payload))
req.Header.Set("Authorization", "Bearer YOUR-API-TOKEN")
req.Header.Set("Content-Type", "application/json")
resp, _ := http.DefaultClient.Do(req)
// read resp.Body...
Java
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.rcszilla.com/api/?endpoint=send_otp"))
.header("Authorization", "Bearer YOUR-API-TOKEN")
.header("Content-Type", "application/json")
.POST(HttpRequest.BodyPublishers.ofString(
"{\"recipient\":\"+40700000000\",\"channel\":\"sms\",\"lang\":\"en\"}"
))
.build();
HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
// parse response.body() as JSON
Răspuns
JSON200 OK
{
"success": true,
"message": "OTP sent.",
"otp_id": 42
}
JSON429 Rate Limited
{
"success": false,
"message": "Please wait 45 seconds before requesting a new code.",
"retry_after": 45
}
Verifică OTP
Verifică codul trimis față de cel mai recent OTP activ pentru acest destinatar.
Corp cerere
| Câmp | Tip | Descriere | |
|---|---|---|---|
| recipient | string | obligatoriu | Același telefon/email folosit la trimitere. |
| code | string | obligatoriu | Codul introdus de utilizator. |
Exemplu cerere
cURL
curl -X POST "https://api.rcszilla.com/api/?endpoint=verify_otp" \
-H "Authorization: Bearer YOUR-API-TOKEN" \
-H "Content-Type: application/json" \
-d '{"recipient":"+40700000000","code":"123456"}'
PHP
$ch = curl_init('https://api.rcszilla.com/api/?endpoint=verify_otp');
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode(['recipient' => '+40700000000', 'code' => '123456']),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => ['Authorization: Bearer YOUR-API-TOKEN', 'Content-Type: application/json'],
]);
$result = json_decode(curl_exec($ch), true);
if ($result['success']) {
// phone verified — proceed with user action
}
Python
r = requests.post(
"https://api.rcszilla.com/api/",
params={"endpoint": "verify_otp"},
json={"recipient": "+40700000000", "code": "123456"},
headers={"Authorization": "Bearer YOUR-API-TOKEN"},
)
if r.json().get("success"):
pass # verified — continue
Node.js
const res = await fetch("https://api.rcszilla.com/api/?endpoint=verify_otp", {
method: "POST",
headers: { "Authorization": "Bearer YOUR-API-TOKEN", "Content-Type": "application/json" },
body: JSON.stringify({ recipient: "+40700000000", code: "123456" }),
});
const { success, message, otp_id, ref_id, verified_at } = await res.json();
Ruby
require 'net/http'; require 'json'
uri = URI("https://api.rcszilla.com/api/?endpoint=verify_otp")
req = Net::HTTP::Post.new(uri, 'Authorization' => 'Bearer YOUR-API-TOKEN', 'Content-Type' => 'application/json')
req.body = {recipient: '+40700000000', code: '123456'}.to_json
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == 'https') { |h| h.request(req) }
puts JSON.parse(res.body)
Go
payload, _ := json.Marshal(map[string]string{"recipient": "+40700000000", "code": "123456"})
req, _ := http.NewRequest("POST", "https://api.rcszilla.com/api/?endpoint=verify_otp", bytes.NewBuffer(payload))
req.Header.Set("Authorization", "Bearer YOUR-API-TOKEN")
req.Header.Set("Content-Type", "application/json")
resp, _ := http.DefaultClient.Do(req)
// read resp.Body...
Răspuns
JSON200 OK
{
"success": true,
"message": "OTP verified successfully.",
"otp_id": 42,
"ref_id": "order_42",
"verified_at": "2026-05-05T14:30:00+00:00"
}
JSON422 Wrong Code
{
"success": false,
"message": "Wrong code. 2 attempt(s) remaining.",
"attempts_remaining": 2
}
Coduri de eroare
| HTTP | Descriere |
|---|---|
| 400 | Cerere invalidă sau acțiune necunoscută. |
| 401 | Token API invalid sau lipsă. |
| 403 | Prea multe încercări greșite — OTP invalidat. |
| 404 | Niciun OTP activ găsit pentru acest destinatar. |
| 410 | OTP-ul a expirat. |
| 422 | Cod greșit — răspunsul include attempts_remaining. |
| 429 | Limită de rată — răspunsul include retry_after (secunde). |
| 500 | Eroare de livrare — verificați setările canalului. |