waotp — WhatsApp OTP SDK

Send OTPs and WhatsApp messages in one line of code.

Why waotp?

Forget SMS OTPs. WhatsApp has 2B+ users — your users already have it. waotp lets you:

• 💬 Send OTPs via WhatsApp — higher open rates than SMS
• ✅ Verify in one line — returns true/false, no complexity
• 📨 Send transactional messages — order updates, alerts, notifications
• 🔒 Built-in throttling — prevents abuse out of the box
• 🌐 Zero-config — just set an env variable and go
• 🆓 Free to start — generous free tier, no credit card needed

Getting Started

1. Create your account & get an API key

1. Go to wotp.vercel.app → or direct: wotp.vercel.app/login
2. Sign in with Google
3. Connect your WhatsApp (scan QR code — takes ~10 seconds)
4. Go to API Keys → click Create New Key
5. Copy your key — it looks like wk_xxxxxxxxxxxxxxxx

2. Install the SDK

npm install waotp

3. Add your key to .env

WAOTP_API_KEY=wk_your_api_key_here
# or: WOTP_API_KEY=wk_your_api_key_here  (both work)

4. Send your first OTP

import { sendOtp, verifyOtp } from 'waotp';

// Send OTP → delivered to WhatsApp instantly
await sendOtp('+919876543210');

// Verify — returns true or false
const isValid = await verifyOtp('+919876543210', '123456');

That's it. No SDK initialization, no config objects, no boilerplate.

API Reference

sendOtp(phone, options?)

Sends a WhatsApp OTP to a phone number.

| Parameter | Type | Description | |:---|:---|:---| | phone | string | Phone number in E.164 format (e.g., +919876543210) | | options.length | number | OTP length (4–12). Default: 6 | | options.type | string | 'numeric', 'alphanumeric', 'alpha'. Default: 'numeric' | | options.expiresIn | number | Expiry in seconds (30–3600). Default: 300 | | options.message | string | Custom message template. Use {{otp}} as placeholder |

await sendOtp('+919876543210', {
  length: 6,
  type: 'numeric',
  expiresIn: 300,
  message: 'Your verification code is {{otp}}. Valid for 5 minutes.',
});

verifyOtp(phone, otp)

Verifies an OTP. Returns true if valid, false if invalid or expired.

const isValid = await verifyOtp('+919876543210', '123456');
if (!isValid) throw new Error('Invalid or expired OTP');

sendMessage(phone, content, options?)

Send a custom transactional message via WhatsApp.

await sendMessage('+919876543210', 'Your order #4521 has shipped! 🚚');

getUsage()

Returns your account's quota and current usage stats.

const stats = await getUsage();
console.log(`${stats.remainingOtps} OTPs left this month`);
console.log(`${stats.remainingMessages} messages left this month`);

Plans & Limits

| Feature | Free | Pro | |:---|:---|:---| | OTPs / month | 100 | 10,000 | | Messages / month | 250 | 50,000 | | Daily OTP limit | 20 | 500 | | WhatsApp sessions | 1 | Multi |

Upgrade at wotp.vercel.app → Dashboard → Plan.

Built-in Throttling

The SDK automatically prevents accidental spamming:

await sendOtp('+919876543210'); // ✅ sent
await sendOtp('+919876543210'); // ❌ throws: "Please wait 20s before retrying"
await sendOtp('+911234567890'); // ❌ throws: "Please wait 5s before sending another OTP"

| Rule | Cooldown | |:---|:---| | Same phone number | 20 seconds | | Any other number | 5 seconds |

Advanced: Manual Initialization

If you prefer not to use environment variables:

import { createWaotp } from 'waotp';

const waotp = createWaotp({
  apiKey: 'wk_your_api_key_here',
});

await waotp.sendOtp('+919876543210');
const ok = await waotp.verifyOtp('+919876543210', '123456');

Environment Variables

| Variable | Description | |:---|:---| | WAOTP_API_KEY | Your API key (preferred) | | WOTP_API_KEY | Also supported (legacy) | | WAOTP_BASE_URL | Override for self-hosted instances |

License

MIT © Ciphernichu — GitHub