> ## Documentation Index
> Fetch the complete documentation index at: https://docs.hypersender.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Validate OTP Code

> Confirm a user's OTP submission from Laravel.

Check whether an OTP code is correct, unexpired, and unused using the Laravel SDK. Use this after the user submits the code they received via WhatsApp.

## Parameters

| Field  | Type   | Required | Description                             |
| ------ | ------ | -------- | --------------------------------------- |
| chatId | string | yes      | WhatsApp chat ID that received the OTP. |
| code   | string | yes      | The OTP code entered by the user.       |

## Validate the code

```php theme={null}
use Hypersender\Hypersender;

$response = Hypersender::otp()->validateCode([
    'chatId' => '20123456789@c.us',
    'code' => '439713',
]);

if (($response['success'] ?? false) && (($response['data']['status'] ?? '') === 'validated')) {
    // proceed with login or protected action
}
```

### Common failure reasons

* Code does not match the active OTP
* Code expired based on `expires` value
* Code already used (single-use)
* No active OTP found for the `chatId`

<Warning>
  Implement rate limits on validation attempts (e.g., max 3-5 tries) to block brute-force guessing.
</Warning>

## Next

For passwordless login flows, try [Generate OTP Link](/v2/packages-and-sdks/laravel/otp/generate-link) to avoid manual code entry.
