API di Verifica OTP
Guida all'integrazione dell'app mobile
Invia password monouso via SMS o email e verifica i codici inseriti dagli utenti.
Questo endpoint richiede un token Bearer. Ottieni il tuo token in Impostazioni โ API nella dashboard.
Invia OTP
Genera un codice, lo invia al destinatario e restituisce un ID di riferimento.
Corpo della richiesta
| Campo | Tipo | Descrizione | |
|---|---|---|---|
| recipient | string | obbligatorio | Numero di telefono (formato E.164) o indirizzo email. |
| channel | string | opzionale | "sms" o "email". Se omesso, viene usato il canale predefinito configurato in OTP โ Impostazioni. |
| lang | string | opzionale | Codice lingua del template: en, ro, bg, fr, de, ukโฆ Il valore predefinito รจ en. |
| ref_id | string | opzionale | Il tuo riferimento opzionale (ID ordine, ID utenteโฆ) restituito invariato nella risposta e nella cronologia. |
Esempio di richiesta
cURL
curl -X POST "https://api.rcszilla.com/api/?endpoint=send_otp" \
-H "Authorization: Bearer YOUR-API-TOKEN" \
-H "Content-Type: application/json" \
-d '{"recipient":"+40700000000","channel":"sms","lang":"en","ref_id":"order_42"}'
PHP
$ch = curl_init('https://api.rcszilla.com/api/?endpoint=send_otp');
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode([
'recipient' => '+40700000000',
'channel' => 'sms',
'lang' => 'en',
'ref_id' => 'order_42',
]),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => ['Authorization: Bearer YOUR-API-TOKEN', 'Content-Type: application/json'],
]);
$result = json_decode(curl_exec($ch), true);
// $result = ['success' => true, 'otp_id' => 42]
Python
import requests
r = requests.post(
"https://api.rcszilla.com/api/",
params={"endpoint": "send_otp"},
json={"recipient": "+40700000000", "channel": "sms", "lang": "en", "ref_id": "order_42"},
headers={"Authorization": "Bearer YOUR-API-TOKEN"},
timeout=10,
)
print(r.json()) # {'success': True, 'otp_id': 42}
Node.js
const res = await fetch("https://api.rcszilla.com/api/?endpoint=send_otp", {
method: "POST",
headers: { "Authorization": "Bearer YOUR-API-TOKEN", "Content-Type": "application/json" },
body: JSON.stringify({ recipient: "+40700000000", channel: "sms", lang: "en", ref_id: "order_42" }),
});
const data = await res.json();
// data = { success: true, otp_id: 42 }
Ruby
require 'net/http'; require 'json'
uri = URI("https://api.rcszilla.com/api/?endpoint=send_otp")
req = Net::HTTP::Post.new(uri, 'Authorization' => 'Bearer YOUR-API-TOKEN', 'Content-Type' => 'application/json')
req.body = {recipient: '+40700000000', channel: 'sms', lang: 'en'}.to_json
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == 'https') { |h| h.request(req) }
puts JSON.parse(res.body)
Go
payload, _ := json.Marshal(map[string]string{"recipient": "+40700000000", "channel": "sms", "lang": "en"})
req, _ := http.NewRequest("POST", "https://api.rcszilla.com/api/?endpoint=send_otp", bytes.NewBuffer(payload))
req.Header.Set("Authorization", "Bearer YOUR-API-TOKEN")
req.Header.Set("Content-Type", "application/json")
resp, _ := http.DefaultClient.Do(req)
// read resp.Body...
Java
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.rcszilla.com/api/?endpoint=send_otp"))
.header("Authorization", "Bearer YOUR-API-TOKEN")
.header("Content-Type", "application/json")
.POST(HttpRequest.BodyPublishers.ofString(
"{\"recipient\":\"+40700000000\",\"channel\":\"sms\",\"lang\":\"en\"}"
))
.build();
HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
// parse response.body() as JSON
Risposta
JSON200 OK
{
"success": true,
"message": "OTP sent.",
"otp_id": 42
}
JSON429 Rate Limited
{
"success": false,
"message": "Please wait 45 seconds before requesting a new code.",
"retry_after": 45
}
Verifica OTP
Controlla il codice inviato dall'utente. Restituisce verified in caso di successo o un errore con i tentativi rimanenti.
Corpo della richiesta
| Campo | Tipo | Descrizione | |
|---|---|---|---|
| recipient | string | obbligatorio | Lo stesso telefono/email usato nella chiamata di invio. |
| code | string | obbligatorio | Il codice inserito dall'utente. |
Esempio di richiesta
cURL
curl -X POST "https://api.rcszilla.com/api/?endpoint=verify_otp" \
-H "Authorization: Bearer YOUR-API-TOKEN" \
-H "Content-Type: application/json" \
-d '{"recipient":"+40700000000","code":"123456"}'
PHP
$ch = curl_init('https://api.rcszilla.com/api/?endpoint=verify_otp');
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode(['recipient' => '+40700000000', 'code' => '123456']),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => ['Authorization: Bearer YOUR-API-TOKEN', 'Content-Type: application/json'],
]);
$result = json_decode(curl_exec($ch), true);
if ($result['success']) {
// phone verified โ proceed with user action
}
Python
r = requests.post(
"https://api.rcszilla.com/api/",
params={"endpoint": "verify_otp"},
json={"recipient": "+40700000000", "code": "123456"},
headers={"Authorization": "Bearer YOUR-API-TOKEN"},
)
if r.json().get("success"):
pass # verified โ continue
Node.js
const res = await fetch("https://api.rcszilla.com/api/?endpoint=verify_otp", {
method: "POST",
headers: { "Authorization": "Bearer YOUR-API-TOKEN", "Content-Type": "application/json" },
body: JSON.stringify({ recipient: "+40700000000", code: "123456" }),
});
const { success, message, otp_id, ref_id, verified_at } = await res.json();
Ruby
require 'net/http'; require 'json'
uri = URI("https://api.rcszilla.com/api/?endpoint=verify_otp")
req = Net::HTTP::Post.new(uri, 'Authorization' => 'Bearer YOUR-API-TOKEN', 'Content-Type' => 'application/json')
req.body = {recipient: '+40700000000', code: '123456'}.to_json
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == 'https') { |h| h.request(req) }
puts JSON.parse(res.body)
Go
payload, _ := json.Marshal(map[string]string{"recipient": "+40700000000", "code": "123456"})
req, _ := http.NewRequest("POST", "https://api.rcszilla.com/api/?endpoint=verify_otp", bytes.NewBuffer(payload))
req.Header.Set("Authorization", "Bearer YOUR-API-TOKEN")
req.Header.Set("Content-Type", "application/json")
resp, _ := http.DefaultClient.Do(req)
// read resp.Body...
Risposta
JSON200 OK
{
"success": true,
"message": "OTP verified successfully.",
"otp_id": 42,
"ref_id": "order_42",
"verified_at": "2026-05-05T14:30:00+00:00"
}
JSON422 Wrong Code
{
"success": false,
"message": "Wrong code. 2 attempt(s) remaining.",
"attempts_remaining": 2
}
Codici di Errore
| HTTP | Descrizione |
|---|---|
| 400 | Richiesta non valida o azione sconosciuta. |
| 401 | Token API non valido o assente. |
| 403 | Troppi tentativi errati โ OTP invalidato. |
| 404 | Nessun OTP attivo trovato per questo destinatario. |
| 410 | L'OTP รจ scaduto. |
| 422 | Codice errato โ la risposta include attempts_remaining. |
| 429 | Limite di velocitร โ la risposta include retry_after (secondi). |
| 500 | Errore di consegna โ verificare le impostazioni del canale. |