> ## Documentation Index
> Fetch the complete documentation index at: https://docs.byzantine.fi/llms.txt
> Use this file to discover all available pages before exploring further.

# Step 1 Initialize OTP (send email)



## OpenAPI

````yaml /api-reference/openapi-integrator.json post /v1/submit/init-otp
openapi: 3.0.3
info:
  title: Byzantine Integrator API
  description: Byzantine REST API for integrators.
  license:
    name: ''
  version: 0.2.0
servers:
  - url: https://sandbox.api.byzantine.fi
    description: Sandbox
security: []
tags:
  - name: API health
    description: Check API status.
  - name: Customer management
    description: Endpoints to create, update, and retrieve customer information.
  - name: Account management
    description: Endpoints to manage accounts, bank accounts, invitations, and user roles.
  - name: Products
    description: Endpoints to get data about products and vaults.
  - name: Transactions
    description: Endpoints to create and manage transactions.
  - name: OTP authentication
    description: Endpoints to initialize and manage user authentication with OTP.
  - name: Webhooks
    description: Integrator-managed outbound webhook subscriptions and delivery history.
paths:
  /v1/submit/init-otp:
    post:
      tags:
        - OTP authentication
      summary: Step 1 Initialize OTP (send email)
      operationId: init_otp
      parameters:
        - name: X-Pubkey
          in: header
          description: >-
            Integrator's ECDSA public key (P-256 curve, compressed SEC1 format).
            Example:
            0x038fedef7c12f93bbf342ad8943b7a825a3b41f61c9dc118b2c718efebabbf62fd
          required: true
          schema:
            type: string
        - name: X-Timestamp
          in: header
          description: >-
            Unix timestamp in seconds (UTC). Must be within tolerance window (1
            minute) to prevent replay attacks. Example: 1760375826
          required: true
          schema:
            type: string
        - name: X-Signature
          in: header
          description: >-
            ECDSA signature (DER-encoded, hex with 0x prefix). Signs the
            message: {timestamp}{METHOD}{path_and_query}{json_body}. Example:
            0x3045022100...
          required: true
          schema:
            type: string
      requestBody:
        description: Initialize OTP authentication by email
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/InitOtpRequest'
        required: true
      responses:
        '200':
          description: OTP initialized successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InitOtpResponse'
        '400':
          description: Invalid request payload
        '404':
          description: Account or user not found
        '500':
          description: Internal server error
      security:
        - integrator_auth: []
components:
  schemas:
    InitOtpRequest:
      type: object
      description: Request to initialize OTP (email) for a user
      required:
        - accountId
        - userId
      properties:
        accountId:
          $ref: '#/components/schemas/Uuid'
        userId:
          $ref: '#/components/schemas/Uuid'
    InitOtpResponse:
      type: object
      description: Response from initializing OTP
      required:
        - otpId
      properties:
        otpId:
          type: string
          description: Unique identifier for the OTP request
          example: otp_a1b2c3d4567890abcdef
    Uuid:
      type: string
      format: uuid
      description: A UUID string
      example: 550e8400-e29b-41d4-a716-446655440000
  securitySchemes:
    integrator_auth:
      type: apiKey
      in: header
      name: X-Pubkey, X-Timestamp, X-Signature

````