The opaque challenge token returned by POST /otp/challenge.
POST /otp/challenge
Treat authSession as a black box — never parse, log, or persist it beyond the in-flight OTP verification flow.
authSession
Opaque session handle returned by Auth0. Pass directly to loginWithOtp.
loginWithOtp
The opaque challenge token returned by
POST /otp/challenge.Treat
authSessionas a black box — never parse, log, or persist it beyond the in-flight OTP verification flow.