Skip to main content
GET
/
auth
/
v2
/
status
Status Check
curl --request GET \
  --url https://auth.otpless.app/auth/v2/status \
  --header 'clientId: <api-key>' \
  --header 'clientSecret: <api-key>'
{
  "auths": [
    {
      "identityType": "MOBILE",
      "identityValue": "917069914791",
      "channel": "SILENT_AUTH",
      "methods": [
        "SILENT_AUTH"
      ],
      "status": "PENDING",
      "type": "PRIMARY"
    }
  ],
  "derivedOperator": "AIRTEL",
  "phoneDetail": {
    "countryCode": "91",
    "country": "IN",
    "type": "MOBILE",
    "homeOperator": "VI",
    "location": "India",
    "timeZones": [
      "Asia/Calcutta"
    ]
  },
  "simDetail": {
    "operator": "AIRTEL",
    "mcc": 405,
    "mnc": 51
  },
  "networkDetail": {
    "ip": "2401:4900:1c50:1a3b::1",
    "ipType": "IPV6",
    "operator": "AIRTEL"
  },
  "deviceFingerprinting": {
    "status": "SUCCESS",
    "sessionId": "a98ead44-f4db-4801-8c3f-041f98140734",
    "deviceId": "781b21f7-220b-4f44-9155-6261f8564924",
    "newDevice": false,
    "riskAssessment": {
      "sessionRiskLevel": "HIGH",
      "deviceRiskLevel": "HIGH",
      "sessionRiskScore": 95,
      "deviceRiskScore": 90,
      "ipFraudScore": 0,
      "flags": {
        "isVpn": false,
        "isEmulator": false,
        "isAppTampered": true
      }
    },
    "deviceContext": {
      "brand": "iQOO",
      "model": "I2410",
      "os": "Android",
      "osVersion": "16"
    },
    "networkContext": {
      "ipAddress": "106.205.222.198",
      "ipType": "v4",
      "asn": "45609",
      "isp": "Bharti Airtel Limited"
    }
  }
}
The Status Check API is the authoritative source of truth for the SNA-only flow. Your backend polls it with the requestId (ARID token) from the Create API to determine the final auth outcome. Poll until the PRIMARY factor reaches a terminal status (SUCCESS or FAILED).
This is a server-to-server call. It requires your clientId and clientSecret headers. Confirm a successful login based on this response — not on the SDK callback alone.
The deviceFingerprinting block is enriched only if the OTPless Device Intelligence SDK is imported and initialized in your client app. If it isn’t, the field is omitted from the response — the rest of the auth status is unaffected.
For an SNA-only flow, read the PRIMARY factor’s status in auths[]:
auths[].statusMeaningAction
PENDINGSNA is still in progress — the carrier verification callback has not yet been received.Keep polling.
SUCCESSCarrier verification completed and the SIM was verified. verifiedTimestamp is populated.Log the user in and proceed with the journey.
FAILEDSNA could not be completed. An error object with errorCode and message is present.Trigger an OTP fallback / retry flow.
Before auth is initialized you may receive an HTTP 400 with errorCode 7170 (“Auth not started yet”). This is not terminal — if auth has been initiated, keep polling. A 7119 (“Invalid request Id”) means the requestId is malformed.Poll until the PRIMARY factor reaches a terminal status (SUCCESS or FAILED), or until the request expires — the expiry you set in the Create API bounds the request’s validity.

SNA verification error codes

When auths[].status is FAILED, inspect auths[].error.errorCode to determine the failure and your fallback. See the full API Error Codes reference for the complete list of SP* codes and their messages.

Polling guidance

Begin polling after initiating SNA on the client. Recommended strategy:
ParameterRecommended value
Interval1 – 2 seconds
Terminal statesSUCCESS or FAILED — stop polling immediately.
Timeout fallbackIf still PENDING after your max attempts (bounded by expiry), treat as timeout and fall back to OTP.
An HTTP 400 with errorCode 7170 is transient — it can appear briefly before auth initializes. Keep polling if auth was initiated; only 7119 indicates a malformed requestId.

Authorizations

clientId
string
header
required

OTPless API Client ID

clientSecret
string
header
required

OTPless API Client Secret

Query Parameters

requestId
string
required

The ARID token (requestId) returned by POST /auth/v1/create.

Example:

"ARID_A1B2C3D4E5F6"

Response

HTTP 200 — Current auth status for the requestId. auths[].status is PENDING, SUCCESS, or FAILED.

auths
object[]

Authentication factor(s) for the request. For SNA-only flows this contains the PRIMARY SILENT_AUTH factor.

derivedOperator
string

Best-guess active network operator, derived from IP and SIM signals (e.g. JIO, AIRTEL, VI).

Example:

"AIRTEL"

phoneDetail
object

Phone number metadata.

simDetail
object

SIM / carrier detection from the network.

networkDetail
object

IP and connection info for the two legs of the SNA flow.

  • Start leg — the network the user started on. Provided either as the root-level ip / ipType / operator fields or as the continue object. One of the two is present in the payload.
  • End leg — the network the carrier completed verification on. Provided as the callback object, always present once the telco reaches a terminal state.
deviceFingerprinting
object

Device risk and context signals. Enriched only if the OTPless Device Intelligence SDK is imported and initialized in the client app; otherwise this field is omitted.