OTPBase

Getting started

OTPBase is a relay for one-time verification codes. Sources push codes in, the codes land on one page, and a read-only token lets your scripts pull the latest one back out.

The three moving parts

OTPBase sits in the middle of three things:

  1. A source PUSHES codes in. Your phone forwards an incoming SMS, or a self-hosted TOTP seed generates a rolling code.
  2. The codes LAND on /codes. Everything you have collected shows up on one page, newest first.
  3. A read token PULLS them out. Scripts, agents, and CI fetch the latest code over a read-only API.

That separation matters because the two tokens you will use are different and should never be confused:

Token Prefix Direction Who uses it
Device/ingest token dvt_ Push codes in Your phone
API read token otpb_ Pull codes out Scripts, agents, CI

The fastest path

From a fresh account to reading a code in a terminal:

  1. Connect one source. Either pair a phone (see the iPhone or Android guide) or add a TOTP seed at /totp/add.
  2. Open /codes. Trigger a real verification or watch a rolling TOTP code appear.
  3. Create an API token at /settings/api. It is read-only (scope codes:read) and shown once, so copy it immediately.
  4. Read the latest code with curl:
curl -H "Authorization: Bearer otpb_..." \
  https://otpbase.com/api/codes/latest

That round trip — source in, page, token out — is the whole product.

A note on email

Email (IMAP) ingestion is on the roadmap. For now, codes come from forwarded SMS and self-hosted TOTP.

Where to next

  • Pair an iPhone (Apple Shortcut) — forward SMS from an iPhone.
  • Pair an Android phone — use a free SMS-forwarder app.
  • Add a TOTP seed — paste an otpauth:// URI or import a Google Authenticator export.
Did this answer your question? Email support