© 2026 Hedgehog Software, LLC

Twitter GitHub Discord

More

Communities Docs About Terms Privacy

Supabase•4y ago•

1 reply

Preventing OTP auth sign in abuse?

I'm using phone numbers with OTP to log users into my app. This requires an SMS to be sent for each login attempt. I'm concerned that a malicious user could abuse the signin() endpoint costing me a lot of money. What's the right way to prevent that from happening?

Supabase banner

Supabase gives you the tools, documentation, and community that makes managing databases, authentication, and backend infrastructure a lot less overwhelming.

45,816Members

Resources

Similar Threads

Was this page helpful?

Recent Announcements

Similar Threads

Testing OTP sign-in locally

SSupabase / help-and-questions

Does Supabase auth support sign ups via OTP? (`Signups not allowed for otp`)

SSupabase / help-and-questions

Using OTP for Auth

SSupabase / help-and-questions

Sign Up / Sign In, Users management and auth error

SSupabase / help-and-questions