Prerequisites
⚠️ Backend Required: This authentication method requires a backend service
that handles Stytch Email OTP operations. The auth service already has the
implementation in place with the 
/stytch/email/send-otp and
/stytch/email/verify-otp endpoints, but they are disabled by default. Simply
run your auth service at the configured URL to enable Stytch Email OTP
functionality.Lit Auth Server URLs. Please refer to Auth
Services section.
1
Send OTP to Phone
Enter your phone number to receive a one-time password (OTP). The OTP will be sent via Stytch’s SMS service through your backend.
2
Verify OTP
Enter the OTP code sent to your phone to verify your identity and generate authentication data.
3
Setup TOTP 2FA (Optional)
Add an extra layer of security to your account by setting up TOTP (Time-based One-Time Password) 2FA. This will allow you to use authenticator apps like Google Authenticator, Authy, or 1Password for future logins.See TOTP 2FA for more details.
4
Get or Mint a PKP
You can select an existing PKP associated with your account or mint a new one.
5
Generate Auth Context
Use your newly minted PKP to create an AuthContext. This method will cache two things:
- session key pair - a temporary cryptographic key pair generated on the client side that acts as a temporary identity for the client application. It consists of:
- A public key - shared with the Lit nodes
- A secret key (private key) - kept securely on the client
 
- Delegation AuthSig aka. the inner auth sig - a cryptographic attestation from the Lit Protocol nodes that authorises your session key to act on behalf of your PKP.