Limiting OTP retries

You can change how many times a user can attempt to enter an OTP before they have to enter their email / phone number again (thereby force generating a new OTP). By default, this is set to 5 attempts, and can be modified by changing the passwordless_max_code_input_attempts core config:

docker run \
  -p 3567:3567 \
  // highlight-start
  -e PASSWORDLESS_MAX_CODE_INPUT_ATTEMPTS=3 \
  // highlight-end
  -d registry.supertokens.io/supertokens/supertokens-<db name>