POST
/v1/auth/otp/update/phone/sms

Update phone number of Existing User

Update the phone number of an existing end user by sending an OTP code to the new phone number. After successfully verifying the code the new phone number will be used to deliver new OTP messages via SMS. The bearer token requires both the ProjectId and refresh JWT in the format \<Project ID\>:<JWT>, and can therefore only be run for end users who are currently signed-in.

This endpoint will return an empty response object when it completes successfully.

Descope allows you to associating multiple login IDs for a user during API update calls. For details on how this feature works, please review the details here.

Next Steps

Verify the OTP code using the Verify OTP Code endpoint to complete the update process. After successfully verifying the code the newphone number will replace the original phone number.

See Also

  • See The User Object for further details on how to identify users and their contact information such as email address and phone number.
  • Successful execution will return an empty body
  • To try this endpoint - need to provide Project ID:Refresh JWT as bearer. You can acquire the Session JWT by signing in the user and collecting it from the response.

Endpoint Authentication

Use authorization bearer header with the following format:

Authorization: Bearer <Project ID:Refresh JWT>

Try it

/v1/auth/otp/update/phone/sms

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Request Body

loginIdstring

phonestring

addToLoginIDsboolean

Default: false

onMergeUseExistingboolean

Default: false

providerIdstring

templateOptionsobject

localestring

Status codeDescription
200OK
curl -X POST "https://api.descope.com/v1/auth/otp/update/phone/sms" \
  -d '{
  "loginId": "string",
  "phone": "string",
  "addToLoginIDs": false,
  "onMergeUseExisting": false,
  "providerId": "string",
  "templateOptions": {
    "property1": "string",
    "property2": "string"
  },
  "locale": "string"
}'

{
  "maskedPhone": "string"
}

Was this helpful?