Hey there, newbie here. I went through the documentation but couldn’t find information on how much time to wait until providing the user with ability to resend OTP. I feel like this is a common flow that I have seen in other apps. This would be important in case the user has trouble receiving OTP the first time for any reason
Hey Sathwik - thanks for posting!
Great question - we don’t have any strict guidelines on this, but a good rule of thumb is to enforce a wait time at least 30 seconds to a minute before allowing email OTP resends.
For context, most emails are delivered in just a few seconds (we actually publish the average time-to-inbox metric on our status page here), but with email delivery there are always some outliers that will take a bit longer.
A cooldown of 30 seconds to a minute helps prevent overlapping OTP codes as well as hitting any potential rate limits in the event of a slower delivery.
Great, that answers my question. Thank you