REL-ID for MobileREL-ID APIsREL-ID for Web
Guides
Start typing to search…

Email-based OTP

🎯 Purpose

Delivers one-time passwords via email to the user's registered email address for authentication. This factor provides wide accessibility as it works with any email account and doesn't require mobile phone access.

📋 Prerequisites and Requirements

RequirementStatusDescription
Email Address✅ RequiredValid email address must be registered during activation
Email Access✅ RequiredUser must be able to access their email account
Internet Connection✅ RequiredDevice must have internet access to check email
REL-ID Email Service✅ System ProvidedREL-ID platform handles email delivery

🔄 Email OTP Authentication Flow

  1. Email Verification: System confirms user has registered email address
  2. OTP Generation: 6-digit numeric code generated by system
  3. Email Composition: Authentication email created with OTP code
  4. Email Delivery: Message sent to user's registered email address
  5. Email Access: User opens email client or webmail to retrieve code
  6. Code Extraction: User locates 6-digit code within email message
  7. Code Entry: User manually enters code on web authentication portal
  8. Server Validation: System validates entered code against generated code
  9. Authentication Result: Valid code allows authentication to proceed

⚙️ Configuration and Management

System Configuration

SettingLocationDescriptionImpact
emailOtpallowed.auth.factorsEnable/disable Email OTP for authenticationControls if Email OTP available during login
emailOtpallowed.reg.factorsEnable/disable Email OTP registrationControls if users can register email addresses

Email Address Registration Process

  1. Address Entry: User provides email address during activation or in User Portal
  2. Format Validation: System checks email format and domain validity
  3. Test Email: Verification code sent to provided email address
  4. Email Reception: User checks email and locates verification message
  5. Confirmation: User enters verification code to confirm email ownership
  6. Storage: Verified email address stored for future authentication use

Email Address Update Process

  1. Portal Access: User accesses security settings in User Portal
  2. Re-authentication: Full authentication required before email change
  3. New Address Entry: User provides replacement email address
  4. Verification Email: Test code sent to new address for verification
  5. Email Check: User accesses new email account to retrieve code
  6. Confirmation: User enters verification code from new email
  7. Update Complete: New email address replaces old address in system

🖼️ Email Template Features

Visual Components

ComponentPurposeCustomization
OTP ImageVisual enhancement and branding✅ Customizable
Email LayoutProfessional appearance✅ Template customizable
Branding ElementsCorporate identity✅ Logo and colors configurable

Localization Support

FeatureCapabilityImplementation
Multi-languageText in user's preferred languageLanguage-specific email templates
Localized ImagesLanguage-appropriate graphicsLocale-specific image folders
Cultural AdaptationRegion-appropriate formattingConfigurable date/time formats

📊 Email Delivery Characteristics

CharacteristicDetailsNotes
Delivery TimeUsually 1-60 secondsCan vary by email provider and server load
Code Length6 digitsStandard numeric format
ExpirationConfigurable (typically 5-10 minutes)Code becomes invalid after expiration
Resend CapabilityAvailable if initial email not receivedRate limiting may apply
Spam FilteringMay affect deliveryUsers advised to check spam/junk folders

🎯 Success and Failure Scenarios

✅ Success Scenarios

  • Email Delivered: Message successfully reaches user's email inbox
  • Code Retrieved: User successfully locates and reads the authentication code
  • Correct Entry: User enters exact 6-digit code from email
  • Timely Use: Code used within expiration time limit
  • Email Accessible: User can access their email account without issues

❌ Failure Scenarios

Failure TypeCauseUser ExperienceResolution Options
No Email AddressUser hasn't registered email address"No email address registered" errorGuide user to email registration process
Email Not DeliveredServer issues, invalid address, or spam filteringNo email receivedCheck spam folder, offer resend, or alternative auth
Wrong CodeUser entered incorrect digits"Invalid code" error messageAllow retry with same code
Expired CodeCode used after expiration time"Code expired" errorGenerate and send new code
Email Access IssuesPassword forgotten, account lockedCannot access emailProvide alternative authentication methods

Email Delivery Troubleshooting

  • Check Spam Folder: Authentication emails may be filtered as spam
  • Email Provider Issues: Temporary server problems may delay delivery
  • Invalid Address: Typos or outdated email addresses prevent delivery
  • Corporate Filtering: Company email systems may block external emails

Resend Functionality

  • User Option: "Resend Email" link available if code not received
  • Rate Limiting: Time delays between resend attempts to prevent abuse
  • Alternative Delivery: Some systems may offer SMS backup if email fails
  • Support Guidance: Users directed to check email settings and spam filters

Email Address Management

  • Registration Required: Email must be registered before Email OTP can be used
  • Verification Process: All addresses verified through test email during registration
  • Update Capability: Users can change email addresses through User Portal
  • Security: Email changes require re-authentication to prevent unauthorised access
  • Multiple Addresses: Some systems may support backup email addresses

Updated 19 days ago