Login with Whatsiplus (Reverse OTP)

Login with WhatsApp (Reverse OTP) allows users to authenticate by sending a message via WhatsApp to the admin number instead of receiving a code. This unique method, called Reverse OTP, ensures that the user is the initiator of the conversation, drastically reducing the chances of the admin number being blocked by WhatsApp.

This plugin is ideal for login, membership, or community-based WordPress websites where mobile-based verification is preferred over email/password.

Third-party Service

This plugin requires a third-party service to function properly. It integrates with the external Whatsiplus API in order to provide OTP-based login functionality via WhatsApp.

The plugin communicates with the following endpoints from the service:

• API Base URL: https://api.whatsiplus.com
• Send Message: https://api.whatsiplus.com/sendMsg
• Receive Message: https://api.whatsiplus.com/receivedMessages
• Service Settings: https://api.whatsiplus.com/serviceSettings

What data is sent and when:

• During login or OTP request: The plugin sends the user』s phone number (as entered by the user) and your API key to the Whatsiplus service in order to initiate OTP verification.
• During plugin configuration: The plugin sends your API key to verify service status and fetch related settings (such as connected number and country code).

No other personal data is transmitted to Whatsiplus.

Requirements:

This plugin will not work without a valid Whatsiplus API key. You can obtain a key by registering at https://whatsiplus.com.

Service provider details:

• API Service Provider: Whatsiplus.com
• Documentation: https://docs.whatsiplus.com
• Terms of Service: https://whatsiplus.com/terms-and-conditions/
• Privacy Policy: https://whatsiplus.com/privacy-policy/

How it Works

1. User enters their phone number in the login form.
2. The system generates a unique OTP.
3. The user is instructed to send that OTP to the admin』s WhatsApp number.
4. Once received and verified, the user is logged in securely.

Key Features

• ✅ Let users log in without a password — via WhatsApp.
• 🔒 Reverse OTP system — prevents your WhatsApp number from being blocked.
• 🔎 Automatically detects OTP sent by users to Whatsiplus.
• 📸 Users can scan a QR Code to quickly open WhatsApp with their unique code.
• 🔗 One-click direct WhatsApp link — no need to type the code manually.
• 💬 Sends welcome messages after login.
• 📱 WooCommerce compatible (but not required).
• 📊 Built-in log system to track login attempts.
• 🔧 Admin can choose which user meta field contains the phone number.
• 🌍 Default country code support.
• 🌐 REST API endpoints to support external apps (mobile, PWA).
• 🧩 Includes Widget and Shortcode for login anywhere on your site.
• 🛠️ Supports custom user fields (e.g. contact_number, mobile, billing_phone, etc.)

REST API

Two REST endpoints are available for developers:

1. POST /wp-json/reverse-otp/v1/request
   • Input: { "phone": "1530xxxxxxx" }
   • Output: OTP code + WhatsApp link + expires_in
2. POST /wp-json/reverse-otp/v1/verify
   • Input: { "phone": "...", "code": "..." }
   • Output: Auth status (if successful, user will be logged in)