> ## Documentation Index
> Fetch the complete documentation index at: https://docs.inprocess.world/llms.txt
> Use this file to discover all available pages before exploring further.

# Login with OTP

> Authenticate an account using an email address and a one-time verification code (OTP).

**Overview:**

This endpoint completes the email login flow. After receiving a verification code via the [Send Code](/api-reference/oauth/send-code) endpoint:

1. Provide the same email address and the 6-digit code from the email.
2. The code is verified against Privy's passwordless authentication.
3. On success, a JWT auth token and the associated Privy embedded wallet address (`social_wallet`) are returned. The token expires in 1 hour and should be included as a Bearer token in subsequent authenticated requests.



## OpenAPI

````yaml POST /oauth/login
openapi: 3.1.0
info:
  title: In•Process API
  description: >-
    The In•Process API enables browsing and managing moments from timelines.
    Retrieve moments from a specific artist's timeline, browse the in•process
    collective timeline, or filter by collection. The API supports creating
    moments, managing collections, handling payments, and interacting with the
    In•Process protocol ecosystem.
  version: 1.0.0
servers:
  - url: https://api.inprocess.world/api
    description: Production server
security: []
paths:
  /oauth/login:
    post:
      summary: Login with OTP
      description: >-
        Authenticate an account using an email address and a one-time
        verification code (OTP).


        **Overview:**


        This endpoint completes the email login flow. After receiving a
        verification code via the [Send Code](/api-reference/oauth/send-code)
        endpoint:


        1. Provide the same email address and the 6-digit code from the email.

        2. The code is verified against Privy's passwordless authentication.

        3. On success, a JWT auth token and the associated Privy embedded wallet
        address (`social_wallet`) are returned. The token expires in 1 hour and
        should be included as a Bearer token in subsequent authenticated
        requests.
      operationId: loginWithOtp
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LoginWithCodeRequest'
      responses:
        '200':
          description: Authentication successful
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LoginWithCodeResponse'
              example:
                token: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9...
                social_wallet: '0x1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b'
        '400':
          description: Validation error - Invalid email or code format
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
              example:
                message: Invalid request body
        '500':
          description: Server error - Failed to authenticate
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
              example:
                message: Failed to login
      security: []
components:
  schemas:
    LoginWithCodeRequest:
      type: object
      required:
        - email
        - code
      properties:
        email:
          type: string
          format: email
          description: The email address used to request the OTP
          example: artist@example.com
        code:
          type: string
          description: The 6-digit one-time verification code sent to the email
          pattern: ^\d{6}$
          example: '123456'
    LoginWithCodeResponse:
      type: object
      required:
        - token
        - social_wallet
      properties:
        token:
          type: string
          description: Authentication token (JWT) that expires in 1 hour
          example: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9...
        social_wallet:
          type: string
          description: >-
            The Privy embedded wallet address associated with the authenticated
            account
          example: '0x1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b'
    Error:
      type: object
      required:
        - status
        - message
      properties:
        status:
          type: string
          enum:
            - error
          description: Error status
        message:
          type: string
          description: Error message
        errors:
          type: array
          description: >-
            Optional array of field-level validation errors. Typically included
            in 400 Bad Request responses for validation errors.
          items:
            type: object
            required:
              - field
              - message
            properties:
              field:
                type: string
                description: The field name that failed validation
              message:
                type: string
                description: The validation error message for this field

````