Pinpoint: OTP operations

Author: viren-nadkarni

content/en/user-guide/aws/pinpoint/index.md

@@ -93,3 +93,49 @@ The following output would be retrieved:
     }
 }
 ```
+
+### OTP verification
+
+The operations `SentOTPMessage` and `VerifyOTPMessage` are used for one-time password (OTP) verification.
+
+{{< command >}}
+$ awslocal pinpoint send-otp-message \
+  --application-id 4ba98561ebb2cd48c \
+  --send-otp-message-request-parameters '{
+      "BrandName": "LocalStack Community",
+      "Channel": "SMS",
+      "DestinationIdentity": "+1224364860",
+      "ReferenceId": "meetup2024",
+      "OriginationIdentity": "+1123581321",
+      "CodeLength": 6,
+      "AllowedAttempts": 3,
+      "ValidityPeriod": 2
+    }'
+{{< /command >}}
+
+On production, AWS sends an actual SMS text message with the OTP to the destination
+The OTP can then be verified against the reference ID using `VerifyOTPMessage`:
+
+{{< command >}}
+$ awslocal pinpoint verify-otp-message \
+  --application-id 4ba98561ebb2cd48c \
+  --verify-otp-message-request-parameters '{
+      "ReferenceId": "meetup2024",
+      "DestinationIdentity": "+1224364860",
+      "Otp": "666666"
+  }'
+{{< /command >}}
+
+LocalStack can not send an actual SMS text with the OTP.
+However you can use the debug endpoint `/_aws/pinpoint/<application_id>/<reference_id>` to retrieve the OTP message details:
+
+{{< command >}}
+$ curl http://127.0.0.1:4566/_aws/pinpoint/4ba98561ebb2cd48c/meetup2024 | jq .Code
+"666666"
+{{< /command >}}
+
+The OTP is also printed as an `INFO` level log message:
+
+```text
+
+```