Skip to main content

Limiting OTP retries

You can change how many times a user can attempt to enter an OTP before they have to enter their email / phone number again (thereby force generating a new OTP). By default, this is set to 5 attempts, and can be modified by changing the passwordless_max_code_input_attempts core config:

docker run \
-p 3567:3567 \
-e PASSWORDLESS_MAX_CODE_INPUT_ATTEMPTS=3 \
-d registry.supertokens.io/supertokens/supertokens-<db name>
Which frontend SDK do you use?
supertokens-web-js / mobile
supertokens-auth-react