Skip to content
Start project
Back

SMS based authentication issue AppwriteException: Missing required parameter: "secret"

  • 0
  • React Native
  • Auth
View on Discord
iftikhar
4 Sep, 2025, 20:08

Hi, I am creating sms based login. I am able to send SMS code to my real number however I am receving this error. I can log the "secret" and i can see it is not missing but appwrite is complaining for it. Here is my code.

TypeScript

    // 1) Send OTP (creates user automatically if phone is new)
    const result= await account.createPhoneToken( ID.unique(), phone);
    console.log("SMS based login userid:", result.userId);

    return result;

  }

  async function verifySMS(userId, code) {
    // Completes the phone login with the OTP
    const secret = String(code).trim();
    console.log("SMS secret:", secret);
    if (!secret) throw new Error('Code is empty');
  // Preferred method for phone OTP:
  if (typeof account.updatePhoneSession === 'function') {
      await account.updatePhoneSession({ userId, secret });
    } else if (typeof account.createSession === 'function') {
    // Fallback for older SDKs that still accept token session here
      await account.createSession({ userId, secret });
    } else {
      throw new Error('No suitable session method found in this SDK build');
    }
  }```

My console log is able to print the "secret" but still getting the error. Here is the console log. 
``` LOG  SMS based login userid: 68b9efa2001babcdc63
 LOG  SMS secret: 254643
 WARN  [AppwriteException: Missing required parameter: "secret"]``` I tried with the Mock number and real number.
TL;DR
Developers were facing an issue with SMS-based authentication due to the "Missing required parameter: 'secret'". The solution involved passing the parameters correctly. The corrected code for the `verifySMS()` function was shared, ensuring `secret` is properly injected. The issue was resolved by ensuring the `userId` and `secret` are passed as separate parameters in the `updatePhoneSession()` method.
iftikhar
4 Sep, 2025, 20:43

As you can see in the logs. The verifySMS() function is receiving userId and code and then it is injecting these required parameters into account.updatePhoneSession() method. Not sure why it is still complaining about " Missing required parameter: "secrete""

iftikhar
4 Sep, 2025, 20:51

Issue is resolved. Thanks here is the correct version of code, in case someone needs it. ``` async function loginSMS(phone) {

TypeScript
const result= await account.createPhoneToken( ID.unique(), phone);


return result;

}

async function verifySMS(userId, code) {

TypeScript
const secret = String(code).trim();

if (!secret) throw new Error('Code is empty');

if (typeof account.updatePhoneSession === 'function') { await account.updatePhoneSession( userId, secret ); } else if (typeof account.createSession === 'function') {

TypeScript
  await account.createSession( userId, secret );
} else {
  throw new Error('No suitable session method found in this SDK build');
}

}```

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more