Authentication Flow
1
Start session
Send the customer’s phone number to receive an OTP code via WhatsApp (with SMS fallback).
2
Verify OTP
Submit the 4-digit code. If the customer exists, they are authenticated immediately. If new, they proceed to registration.
3
Complete registration (new customers only)
Provide name and email to create the customer account.
4
Use token
The returned Sanctum token is used for authenticated checkout endpoints.
Start Authentication
Sends an OTP code to the customer’s phone number via WhatsApp, falling back to SMS if WhatsApp delivery fails.Headers
Request Body
Success Response (200)
Error Responses
Resend OTP
Resend the verification code via SMS. The original code is replaced with a new one.Request Body
Success Response (200)
Error Responses
Verify OTP
Submit the 4-digit OTP code to verify the customer’s phone number.Request Body
Success Response - Existing Customer (200)
If the customer already exists in this store (or in another store on the platform), they are authenticated immediately:Success Response - New Customer (200)
If no customer record exists for this phone number, the response indicates registration is needed:Error Responses
Invalid code response example:
Customers get 3 attempts per OTP code. After exhausting all attempts, they must request a new code via the resend endpoint.
Complete Registration
Register a new customer after successful OTP verification. Only callable when the verify response returnedstatus: "needs_registration".

