LogoOctoclip Docs

    SMS and OTP

    SMS and OTP features are highly platform-dependent. Treat them as convenience workflows, not as a guaranteed replacement for your system's native OTP autofill.

    Android SMS source requires READ_SMS — a sensitive permission, official APK build only

    On Android, the SMS source requires the READ_SMS permission, which grants access to all SMS messages on the device. This is a sensitive permission. This feature is available only in the official APK build; store builds (e.g., Google Play) exclude it due to policy restrictions. Grant this permission only if you understand what it allows.

    What to expect

    • Android may support SMS-related source detection or quick extraction depending on permissions and build variant (official APK vs. store build).
    • iOS does not provide a general third-party SMS-reading API, so the SMS source is Android-only; on iOS, bring content in via manual sharing or Shortcuts instead.
    • Desktop platforms usually receive SMS/OTP content only after it is copied, shared, or synced from another device.

    Privacy boundary

    OTP codes are sensitive. Use short retention, delete after use, and avoid syncing OTP content if your threat model requires local-only handling.

    Troubleshooting

    1. Confirm the platform supports the SMS/OTP path you are using.
    2. Confirm required permissions are granted.
    3. Copy a test code manually and verify it appears in Clip History.
    4. Check whether filters are excluding SMS-like content.

    Related: SMS source and Privacy and Security.

    Was this page helpful?