OptionalallowWhether to allow signup for users who do not yet exist in the connection.
Defaults to false. When false, non-existent users receive a silent
fake auth_session (no OTP sent) for GDPR compliance.
The database connection name configured with email_otp.
The email address to send the OTP to.
Options to request a passwordless OTP challenge for a database connection user identified by email address.
The challenge always returns successfully regardless of whether the user exists (user-enumeration prevention). If the user does not exist and
allowSignupisfalse, or if the user is blocked, the returnedauth_sessionwill be non-functional andloginWithOtpwill fail withinvalid_request.A successful challenge does not guarantee an OTP was delivered.