Supabase, 2mo ago
M3D

Email signup with 6-digit OTP verification instead of magic links?

Hi,

I'm using Supabase Auth with password-based email signup (Next.js app).
Users are having trouble with the email confirmation flow and password resets - they struggle with clicking magic links (email client issues, mobile problems, etc.).

I'd like to switch to a 6-digit OTP code that users can type in, similar to how phone/SMS verification works. This would apply to both email confirmation after signup and password reset verification.

From what I can tell, phone auth uses GenerateOtp() to create numeric codes, but email confirmation and password reset use SecureToken() which generates long random tokens. The {{ .Token }} variable is available in email templates and shows whatever token is generated.

Is there a way to configure this to use 6-digit OTP codes instead? Or would I need to modify the auth server source code to change sendConfirmation and password recovery to use GenerateOtp() instead of SecureToken()?

This would still be password-based auth - the OTP would only be for verifying the email address and resetting passwords, not for passwordless login.

Thanks!
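Added example, not part of the original post and not the Supabase auth server's code: a 6-digit code has only about 20 bits of entropy, far less than a long random token, so the controls a typed email code needs are a short expiry, an attempt cap, single use and hashed storage. The names `newOTP`, `pendingOTP`, `verify`, `otpTTL` and `maxAttempts` and their values are hypothetical.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"math/big"
	"time"
)

// Hypothetical policy values chosen for this example, not Supabase defaults.
const otpTTL = 10 * time.Minute
const maxAttempts = 5

// pendingOTP is the server-side record: a hash of the code, never the code itself.
type pendingOTP struct {
	hash     [32]byte
	expires  time.Time
	attempts int
	used     bool
}

// newOTP draws a uniform 6-digit code from the CSPRNG (rand.Int avoids modulo bias).
func newOTP(email string, now time.Time) (string, *pendingOTP, error) {
	n, err := rand.Int(rand.Reader, big.NewInt(1000000))
	if err != nil {
		return "", nil, err
	}
	code := fmt.Sprintf("%06d", n.Int64())
	sum := sha256.Sum256([]byte(email + ":" + code))
	return code, &pendingOTP{hash: sum, expires: now.Add(otpTTL)}, nil
}

// verify charges every guess against maxAttempts and accepts a code once only.
func (p *pendingOTP) verify(email, code string, now time.Time) bool {
	if p.used || now.After(p.expires) || p.attempts >= maxAttempts {
		return false
	}
	p.attempts++
	got := sha256.Sum256([]byte(email + ":" + code))
	p.used = subtle.ConstantTimeCompare(got[:], p.hash[:]) == 1
	return p.used
}

func main() {
	code, p, _ := newOTP("user@example.com", time.Now())
	fmt.Println(len(code), p.verify("user@example.com", code, time.Now()))
}
```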