# [OAuth2.0] Start auth by phone number Starts authentication by the user phone number and sends a confirmation code to their phone number. The code lifetime is 3 minutes. This call is used only with the Complete auth by phone number call. The workflow of using this call: 1. The application opens an authentication form so the user can enter their phone number. 2. The user enters their phone number. 3. The application sends this request to the Xsolla Login server: a. If the parameter send_link is true, after this request, you should send the Get confirmation code request to make SMS contain the confirmation code and link. b. If the parameter send_link is false or not passed, the SMS will contain the confirmation code only. 4. The Xsolla Login server sends the SMS and returns the ID of the confirmation code. 5. The application shows a field so the user can fill in the confirmation code. 6. The user enters the received confirmation code or follows the link. 7. The application sends the Complete auth by phone number request with the received ID to the Xsolla Login server. 8. The user is considered as authorized. Endpoint: POST /oauth2/login/phone/request Version: v1 ## Query parameters: - `response_type` (string, required) Grant type used in your project that has the enabled OAuth 2.0 protocol. Must be code to get the user authentication code in the response. The received code must be exchanged to a JWT via the Generate JWT call to finish user authentication. - `client_id` (integer, required) Your application ID. Get it after creating an OAuth 2.0 client. - `scope` (string) Scope is a mechanism in OAuth 2.0 to limit an application’s access to a user’s account. Can be: * offline to use refresh_token from the Generate JWT call to refresh the JWT when it is expired. * playfab to write SessionTicket to the session_ticket claim of the JWT if you store user data at PlayFab. If you process your own values of the scope parameter, that are not mentioned above, you can set them when using this call. The Xsolla Login server does not process these values, but returns them in the received JWT. - `state` (string, required) Value used for additional user verification. Often used to mitigate CSRF Attacks. The value will be returned in the response. Must be longer than 8 symbols. - `redirect_uri` (string) URL to redirect the user to after account confirmation, successful authentication, or password reset confirmation. To set up this parameter, contact your Customer Success Manager or email to csm@xsolla.com. Notice The parameter is required if you have more than one redirect URI in your project settings. ## Request fields (application/json): - `link_url` (string) URL to redirect the user to the status authentication page. Required if the parameter send_link is true. - `phone_number` (string, required) User phone number. - `send_link` (boolean) Shows whether a link is sent with the confirmation code in the SMS or not. The link can be used instead of the confirmation code to log in. If the parameter has the true value, the link is sent in the SMS. - `source` (string) to mark that request goes from Xsolla Link Enum: "xsolla_link" ## Response 200 fields (application/json): - `operation_id` (string, required) ID of the confirmation code. - `remaining_ttl` (integer) Remaining time for resend. The value is in seconds. ## Response 400 fields (application/json): - `error` (object, required) - `error.code` (string, required) Error code. Example: "003-061" - `error.description` (string, required) Error description. Example: "Object not found." - `error.details` (object) Additional information. ## Response 404 fields (application/json): - `error` (object, required) - `error.code` (string, required) Error code. Example: "003-061" - `error.description` (string, required) Error description. Example: "Object not found." - `error.details` (object) Additional information. ## Response 422 fields (application/json): - `error` (object, required) - `error.code` (string, required) Error code. Example: "003-061" - `error.description` (string, required) Error description. Example: "Object not found." - `error.details` (object) Additional information. ## Response 429 fields (application/json): - `error` (object, required) - `error.code` (string, required) Error code. Example: "003-061" - `error.description` (string, required) Error description. Example: "Object not found." - `error.details` (object) Additional information.