The WebOTP API (formerly called the SMS Receiver API) notifies an application when a specially-crafted SMS message is delivered to the user’s phone. The message must be addressed to the application's origin. The application only receives an OTP code in the message.


Developers use phone numbers for a variety of use cases (see a more in-depth analysis here [1]). In the process, it is often required that phone numbers get verified, which is typically done via sending a one-time-password (OTP) via SMS and manually entered by the user (e.g. copy/paste). Native applications have access to a programmatic API that enables them to read specific SMS messages that are addressed to them through a formatting convention, skipping the need for a manual user interaction, decreasing user friction (i.e. fewer steps) and increasing conversion rates (e.g. fewer problems switching apps and copying/pasting). Currently, web apps are forced to implement a manual user flow, which requires the user to be directed to the native SMS app and back to their web app with the code. In this proposal, we are looking into exposing a Web API that enables web apps to make this process more seemingless. [1]




Specification link

Unknown standards status - check spec link for status

Status in Chromium


Enabled by default (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • No signal
  • No signal
  • No signals


Intent to Prototype url

Intent to Prototype thread

Last updated on 2021-12-13