Skip to main content
The sdk.auth namespace handles the complete customer authentication lifecycle: phone-based OTP login, registration for new customers, profile retrieval and updates, and logout.

OTP Authentication Flow

RMZ uses phone-based OTP (one-time password) authentication. The flow has three steps:
  1. Start authentication — send an OTP to the customer’s phone
  2. Verify OTP — confirm the code the customer received
  3. Complete registration — (new customers only) provide name and email

Step 1: Start Phone Auth

Parameters: Returns: { session_token: string }

Step 2: Verify OTP

Parameters: Returns: { token: string; customer: Customer }

Step 2b: Resend OTP

If the customer did not receive the code:

Step 3: Complete Registration (New Customers)

For first-time customers, collect their details and complete registration:
Parameters: Returns: { token: string; customer: Customer }

Profile Management

auth.getProfile()

Retrieve the authenticated customer’s profile.
Returns: Customer

auth.updateProfile(data)

Update the authenticated customer’s profile.
Parameters: Partial<Customer> — any subset of profile fields. Returns: Customer

auth.logout()

Log out the customer and invalidate the current token.
Returns: void

Token Management

After authentication, manage the Bearer token on the SDK instance:
Persist the auth token in localStorage or a secure cookie so customers stay logged in across page reloads:

Complete Login Example