Documentation Index
Fetch the complete documentation index at: https://turnkey-0e7c1f5b-9-digit-updates.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
API Key
Webauthn (Passkey)
Body
Enum options: ACTIVITY_TYPE_OTP_AUTH
Timestamp (in milliseconds) of the request, used to verify liveness of user requests.
Unique identifier for a given Organization.
parameters field
ID representing the result of an init OTP activity.
OTP sent out to a user’s contact (email or SMS)
parameters.targetPublicKey
Client-side public key generated by the user, to which the OTP bundle (credentials) will be encrypted.
Optional human-readable name for an API Key. If none provided, default to OTP Auth - <Timestamp>
parameters.expirationSeconds
Expiration window (in seconds) indicating how long the API key is valid. If not provided, a default of 15 minutes will be used.
parameters.invalidateExisting
Invalidate all other previously generated OTP Auth API keys
Response
A successful response returns the following fields:
The activity object containing type, intent, and result
The intent of the activity
activity.intent.otpAuthIntent
The otpAuthIntent objectShow otpAuthIntent details
activity.intent.otpAuthIntent.otpId
ID representing the result of an init OTP activity.
activity.intent.otpAuthIntent.otpCode
OTP sent out to a user’s contact (email or SMS)
activity.intent.otpAuthIntent.targetPublicKey
Client-side public key generated by the user, to which the OTP bundle (credentials) will be encrypted.
activity.intent.otpAuthIntent.apiKeyName
Optional human-readable name for an API Key. If none provided, default to OTP Auth - <Timestamp>
activity.intent.otpAuthIntent.expirationSeconds
Expiration window (in seconds) indicating how long the API key is valid. If not provided, a default of 15 minutes will be used.
activity.intent.otpAuthIntent.invalidateExisting
Invalidate all other previously generated OTP Auth API keys
The result of the activity
activity.result.otpAuthResult
The otpAuthResult objectShow otpAuthResult details
activity.result.otpAuthResult.userId
Unique identifier for the authenticating User.
activity.result.otpAuthResult.apiKeyId
Unique identifier for the created API key.
activity.result.otpAuthResult.credentialBundle
HPKE encrypted credential bundle
curl --request POST \
--url https://api.turnkey.com/public/v1/submit/otp_auth \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header "X-Stamp: <YOUR_API_KEY.YOUR_API_SECRET>" \
--data '{
"type": "ACTIVITY_TYPE_OTP_AUTH",
"timestampMs": "<string> (e.g. 1746736509954)",
"organizationId": "<string> (Your Organization ID)",
"parameters": {
"otpId": "<string>",
"otpCode": "<string>",
"targetPublicKey": "<string>",
"apiKeyName": "<string>",
"expirationSeconds": "<string>",
"invalidateExisting": true
}
}'
{
"activity": {
"id": "<activity-id>",
"status": "ACTIVITY_STATUS_COMPLETED",
"type": "ACTIVITY_TYPE_OTP_AUTH",
"organizationId": "<organization-id>",
"timestampMs": "<timestamp> (e.g. 1746736509954)",
"result": {
"activity": {
"type": "<string>",
"intent": {
"otpAuthIntent": {
"otpId": "<string>",
"otpCode": "<string>",
"targetPublicKey": "<string>",
"apiKeyName": "<string>",
"expirationSeconds": "<string>",
"invalidateExisting": true
}
},
"result": {
"otpAuthResult": {
"userId": "<string>",
"apiKeyId": "<string>",
"credentialBundle": "<string>"
}
}
}
}
}
}
