Skip to main content
Use this endpoint to request a one-time password (OTP) for your Shogun account. OTPs are required to authorize sensitive actions such as initiating transactions above a threshold or confirming a password reset. Once generated, the OTP is delivered to your registered phone number or email address based on the channel you specify.

Endpoint

POST /api/v1/security/web/generate_otp

Authentication

All requests must include a valid Dashboard Bearer token in the Authorization header.
HeaderTypeRequiredDescription
AuthorizationstringYesBearer <token> — obtain from Login
Content-TypestringYesapplication/json

Request Body

purpose
string
required
The reason for which the OTP is being requested. Accepted values:
  • transaction — authorize a sensitive financial transaction
  • user_password_reset — authorize a dashboard user password reset
  • staff_password_reset — authorize a staff portal password reset
channel
string
The delivery channel for the OTP. Maximum 255 characters. If omitted, the platform uses your account’s default delivery method.

Example Request Body

{
  "purpose": "transaction",
  "channel": "email"
}

Response

A successful response confirms that the OTP has been dispatched to your registered contact. No OTP value is returned in the response body — you must retrieve it from your registered phone or email.

Success

{
  "status": true,
  "response_code": "00",
  "message": "OTP sent successfully"
}

Example

curl --request POST \
  --url https://baasapi.payrepmfb.com/api/v1/security/web/generate_otp \
  --header 'Authorization: Bearer <your_dashboard_token>' \
  --header 'Content-Type: application/json' \
  --data '{
    "purpose": "transaction",
    "channel": "email"
  }'
OTPs expire after a short window (typically a few minutes). If yours expires before you can use it, call this endpoint again to request a fresh code. Do not share your OTP with anyone — Shogun support will never ask for it.