Update files/en-us/web/api/webotp_api/index.md

Co-authored-by: Dipika Bhattacharya <[email protected]>
mdn · Jul 20, 2023 · dad508b · dad508b
1 parent 904f6e5
commit dad508b
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/files/en-us/web/api/webotp_api/index.md b/files/en-us/web/api/webotp_api/index.md
@@ -38,7 +38,7 @@ You are, therefore, recommended to use a stronger form of authentication if poss
 The process works like so:
 
 1. At the point where phone number verification is required, an app client will ask a user to enter their phone number into a form, which is then submitted to the app server.
-2. The app client then invokes {{domxref("CredentialsContainer.get", "navigator.credentials.get()")}} with an `otp` option specifying a `transport` type of `"sms"`. This triggers a request for an OTP from the underlying system, the source of which will be a [specially-formatted SMS message](#the_sms_message_format) (containing the OTP and the app's domain) received from the app server. The `get()` call is {{jsxref("Promise")}}-based, and waits for the SMS message to be received.
+2. The app client then invokes {{domxref("CredentialsContainer.get", "navigator.credentials.get()")}} with an `otp` option specifying a `transport` type of `"sms"`. This triggers a request for an OTP from the underlying system, the source of which will be a [specially-formatted SMS message](#the_sms_message_format) (containing the OTP and the app's domain) received from the app server. The `get()` call is {{jsxref("Promise")}}-based and waits for the SMS message to be received.
 3. The app server sends the SMS message to the specified phone number. This must be done just after Step 2 has occurred.
 4. When the SMS is received on the device, provided it contains the app's domain the browser will ask the user if they consent to the OTP being retrieved/used. Chrome, for example, displays a dialog asking them for their permission to retrieve the OTP from the SMS; other browsers may handle it differently. If they do consent, the `get()` call will fulfill with an {{domxref("OTPCredential")}} object containing the OTP.
 5. You can then use the OTP in any way you wish. Typical usage would be to set it as the value of the validation form on the app client and then submit the form, making the process as seamless as possible.