Get OTP for WebSocket Authentication

POST

Auth required

Get one-time password (OTP) for WebSocket authentication

Endpoint

POST

/trading/v1/options/accounts/{accountId}/otp

Base URL: https://api.derivws.com

Request & Response

View Raw

Status Codes

200

OTP generated successfully

400

Bad request - Invalid account ID

401

Unauthorized - Authentication failed

500

Internal server error

Error Responses

The API returns structured error responses with detailed information about what went wrong.

400

Bad request

{
  "errors": [
    {
      "status": 400,
      "code": "ValidationError",
      "message": "Invalid account ID format"
    }
  ],
  "meta": {
    "endpoint": "/accounts/INVALID/otp",
    "method": "POST",
    "timing": 12
  }
}

401

Unauthorized

{
  "errors": [
    {
      "status": 401,
      "code": "Unauthorized",
      "message": "Invalid or missing authentication credentials"
    }
  ],
  "meta": {
    "endpoint": "/accounts/DOT90004580/otp",
    "method": "POST",
    "timing": 45
  }
}

500

Internal server error

{
  "errors": [
    {
      "status": 500,
      "code": "InternalError",
      "message": "Failed to generate OTP"
    }
  ],
  "meta": {
    "endpoint": "/accounts/DOT90004580/otp",
    "method": "POST",
    "timing": 234
  }
}

Authentication Required

This endpoint requires the Deriv-App-ID header to identify your application.

OAuth2 Scope: trade

About get_otp

The get_otp endpoint get one-time password (otp) for websocket authentication

OTP Usage

The OTP (One-Time Password) is used to authenticate your WebSocket connection. It is included in the returned URL and should be extracted and used as a query parameter when connecting to the WebSocket.

OTP Lifetime

OTP tokens are short-lived and should be used immediately after generation. If the token expires, request a new one.