otpless-headless-rn
Advanced tools
The new Authentication SDK offers significantly improved speed, reliability, and security, ensuring a seamless authentication and integration experience. We strongly recommend upgrading by removing the old SDK and following the steps below.
Install the OTPLESS SDK dependency by running the following command in your terminal at the root of your React Native project:
npm i otpless-headless-rn
import { OtplessHeadlessModule } from 'otpless-headless-rn';
const headlessModule = new OtplessHeadlessModule();
useEffect(() => {
headlessModule.initialize("YOUR_APPID")
headlessModule.setResponseCallback(onHeadlessResult);
return () => {
headlessModule.clearListener();
headlessModule.cleanup();
};
}, []);
const startPhoneAuth = (phoneNumber: string, countryCode: string) => {
const request = {
phone: phoneNumber,
countryCode
};
headlessModule.start(request);
};
const verifyPhoneOtp = (phoneNumber: string, countryCode: string, otp: string) => {
const request = {
phone: phoneNumber,
countryCode,
otp
};
headlessModule.start(request);
};
const onHeadlessResult = (result: any) => {
headlessModule.commitResponse(result);
const responseType = result.responseType;
switch (responseType) {
case "SDK_READY": {
// Notify that SDK is ready
console.log("SDK is ready");
break;
}
case "FAILED": {
console.log("SDK initialization failed");
// Handle SDK initialization failure
break;
}
case "INITIATE": {
// Notify that headless authentication has been initiated
if (result.statusCode == 200) {
console.log("Headless authentication initiated");
const authType = result.response.authType; // This is the authentication type
if (authType === "OTP") {
// Take user to OTP verification screen
} else if (authType === "SILENT_AUTH") {
// Handle Silent Authentication initiation by showing
// loading status for SNA flow.
}
} else {
// Handle initiation error.
// To handle initiation error response, please refer to the error handling section.
if (Platform.OS === 'ios') {
handleInitiateErrorIOS(result.response);
} else if (Platform.OS === 'android') {
handleInitiateErrorAndroid(result.response);
}
}
break;
}
case "OTP_AUTO_READ": {
// OTP_AUTO_READ is triggered only in Android devices for WhatsApp and SMS.
if (Platform.OS === "android") {
const otp = result.response.otp;
console.log(`OTP Received: ${otp}`);
}
break;
}
case "VERIFY": {
// notify that verification has failed.
if (result.response.authType == "SILENT_AUTH") {
if (result.statusCode == 9106) {
// Silent Authentication and all fallback authentication methods in SmartAuth have failed.
// The transaction cannot proceed further.
// Handle the scenario to gracefully exit the authentication flow
} else {
// Silent Authentication failed.
// If SmartAuth is enabled, the INITIATE response
// will include the next available authentication method configured in the dashboard.
}
} else {
// To handle verification failed response, please refer to the error handling section.
if (Platform.OS === 'ios') {
handleVerifyErrorIOS(result.response);
} else if (Platform.OS === 'android') {
handleVerifyErrorAndroid(result.response);
}
}
break;
}
case "DELIVERY_STATUS": {
// This function is called when delivery is successful for your authType.
const authType = result.response.authType;
// It is the authentication type (OTP, MAGICLINK, OTP_LINK) for which the delivery status is being sent
const deliveryChannel = result.response.deliveryChannel;
// It is the delivery channel (SMS, WHATSAPP, etc) on which the authType has been delivered
}
case "ONETAP": {
const token = result.response.token;
if (token != null) {
console.log(`OneTap Data: ${token}`);
// Process token and proceed.
}
break;
}
case "FALLBACK_TRIGGERED": {
// A fallback occurs when an OTP delivery attempt on one channel fails,
// and the system automatically retries via the subsequent channel selected on Otpless Dashboard.
// For example, if a merchant opts for SmartAuth with primary channal as WhatsApp and secondary channel as SMS,
// in that case, if OTP delivery on WhatsApp fails, the system will automatically retry via SMS.
// The response will contain the deliveryChannel to which the OTP has been sent.
if (response.response.deliveryChannel != null) {
const newDeliveryChannel = response.response.deliveryChannel
// This is the deliveryChannel to which the OTP has been sent
}
break;
}
default: {
console.warn(`Unknown response type: ${responseType}`);
break;
}
}
};
Add Network Security Config inside your android/app/src/main/AndroidManifest.xml file into your code block (Only required if you are using the SNA feature):
android:networkSecurityConfig="@xml/otpless_network_security_config"
Add the following block to your info.plist file (Only required if you are using the SNA feature):
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
<key>NSExceptionDomains</key>
<dict>
<key>80.in.safr.sekuramobile.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
</dict>
<key>partnerapi.jio.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
</dict>
</dict>
</dict>
For complete documentation and other login feature explore, follow the following guide here: installation guide here
FAQs
react native plugin for otpless headless android and ios
We found that otpless-headless-rn demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Company News
Socket won two 2026 Reppy Awards from RepVue, ranking in the top 5% of all sales orgs. AE Alexandra Lister shares what it's like to grow a sales career here.
Security News
NIST will stop enriching most CVEs under a new risk-based model, narrowing the NVD's scope as vulnerability submissions continue to surge.
Company News
/Security News
Socket is an initial recipient of OpenAI's Cybersecurity Grant Program, which commits $10M in API credits to defenders securing open source software.