April 15, 2026AI AgentsTutorial

How to Extract OTP Codes with AI Agents in 2026

80% of online services use email-based verification. Here's how to automate it.

The Problem

AI agents like OpenClaw, Browser Use, and custom LangChain agents need to sign up for services, verify accounts, and extract one-time passwords. But email verification is the last manual step in an otherwise automated pipeline.

The traditional approach — polling a Gmail inbox with IMAP, parsing HTML, and extracting codes with regex — is fragile, slow, and doesn't scale. You need a purpose-built API.

The Solution: 3 Lines of Code

With SandMail, your agent creates a disposable inbox, waits for the verification email, and extracts the OTP — all in one API call:

import { SandMail } from 'sandmail';
const client = new SandMail('sk_live_your_key');

// 1. Create a disposable inbox
const inbox = await client.createInbox({ domain: 'tempyx.com' });

// 2. Use the email to sign up for a service
await signUpForService(inbox.email);

// 3. Wait for the OTP (blocks until email arrives)
const otp = await client.waitForOTP(inbox.email, { timeout: 30 });

console.log(otp.code);       // "847291"
console.log(otp.confidence); // "high"
console.log(otp.type);       // "numeric_6"

// 4. Clean up
await client.deleteInbox(inbox.email);

Python Version

from sandmail import SandMail

client = SandMail("sk_live_your_key")

inbox = client.create_inbox(domain="tempyx.com")
otp = client.wait_for_otp(inbox.email, timeout=30)

print(f"Code: {otp.code}")        # "847291"
print(f"Confidence: {otp.confidence}")  # "high"

How OTP Extraction Works

SandMail's OTP extractor analyzes the email subject and body using pattern matching across 15 languages:

  • Numeric codes (4-8 digits): "Your code is 847291", "OTP: 4829", "PIN: 123456"
  • Alphanumeric codes: "Your code is A3B-7K2"
  • Verification links: Magic links containing /verify, /confirm, /activate
  • Multi-language: English, French, German, Spanish, Russian, Chinese, Japanese, Korean, Arabic, and more

Each result includes a confidence level:

  • high: Code found near explicit keywords like "verification code", "OTP", "PIN"
  • medium: Code found near general trigger words within 80 characters

Real-time with Webhooks

For production pipelines, use webhooks instead of long-polling. SandMail POSTs the email data (with extracted OTP) to your URL as soon as it arrives:

// Register a webhook
const wh = await client.createWebhook('https://myapp.com/webhook');

// Your server receives:
{
  "event": "message.received",
  "data": {
    "recipient": "agent_x7k@tempyx.com",
    "has_otp": true,
    "otp": {
      "code": "847291",
      "confidence": "high",
      "type": "numeric_6"
    }
  }
}

With MCP (Claude, Cursor, Windsurf)

If your agent runs inside Claude Code or Cursor, install the MCP server:

npm install -g sandmail-mcp

Then ask your AI: "Create a temporary email and get me the verification code from Twitter." The agent handles everything automatically.

Pricing

SandMail offers a free tier (500 requests/month) to get started. No credit card required. See pricing plans.

Ready to automate OTP extraction?

Get your free API key in 30 seconds.

Get Started Free