SMS OTP Restrictions

regnauld.ethan · November 17, 2021, 3:51am

Hi all,

I’m trying to understand whether there’s any limitation of requesting OTP SMS such as throttling (i.e. limit of 3 requests within 30 minutes) or gap time between requests (i.e. new requests can be done after 1 minute). I only notice a configuration for OTP expiration time. Thank you for the answers!

konrad.sopala · November 17, 2021, 12:11pm

Hey there!

Yep I think that’s the only one rest of the restrictions and limits in general can be found here:

https://auth0.com/docs/support/policies/rate-limit-policy/entity-limit-policy

Topic		Replies	Views
Rate Limit for OTP sent Help	2	1865	July 28, 2022
Potential Threat to Passwordless OTP Security Knowledge Articles passwordless , sms , security-risk , attacks	1	590	February 29, 2024
Rate limits for MFA factors Knowledge Articles rate-limit , mfa-factors	1	1896	August 30, 2023
Passwordless emails may take several minutes to reach our user. More than OTP expiry Help classic-universal-login-experience , login-experience	4	1169	January 10, 2023
Passwordless SMS Login Always states: "Enter the 6-digit code" -- regardless of how many digits are configured Feedback bug , passwordless-sms	3	153	July 11, 2024

SMS OTP Restrictions

Related Topics