OTPCredential

Limited availability

This feature is not Baseline because it does not work in some of the most widely-used browsers.

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The OTPCredential interface of the WebOTP API is returned when a WebOTP navigator.credentials.get() call (i.e. invoked with an otp option) fulfills. It includes a code property that contains the retrieved one-time password (OTP).

Credential OTPCredential

Instance properties

This interface also inherits properties from Credential.

OTPCredential.code Read only Experimental

The one-time password (OTP).

Instance methods

None.

Examples

The below code triggers the browser's permission flow when an SMS message arrives. If permission is granted, then the promise resolves with an OTPCredential object. The contained code value is then set as the value of an <input> form element, which is then submitted.

js
navigator.credentials
  .get({
    otp: { transport: ["sms"] },
    signal: ac.signal,
  })
  .then((otp) => {
    input.value = otp.code;
    if (form) form.submit();
  })
  .catch((err) => {
    console.error(err);
  });

Note: For a full explanation of the code, see the WebOTP API landing page. You can also see this code as part of a full working demo.

Specifications

Specification
WebOTP API
# OTPCredential

Browser compatibility

Report problems with this compatibility data on GitHub
desktopmobile
Chrome
Edge
Firefox
Opera
Safari
Chrome Android
Firefox for Android
Opera Android
Safari on iOS
Samsung Internet
WebView Android
WebView on iOS
OTPCredential
Experimental
code
Experimental

Legend

Tip: you can click/tap on a cell for more information.

Full support
Full support
No support
No support
Experimental. Expect behavior to change in the future.