ThreadCamp
Start free
Use case

OTP retrieval agent: retrieve one-time passcodes and 2FA codes mid-task

ThreadCamp gives the agent a real email address so it can retrieve one-time passcodes and 2FA codes mid-task - with programmatic inboxes, wait_for_message for time-sensitive replies, and human approval when a send matters.

Start free - no cardRead the docs

Give the agent an inbox

Call POST /v1/inboxes (or create_inbox over MCP) to get a working address in milliseconds - on the shared in.threadcamp.com domain or your own custom domain. The agent reads inbound mail, replies on the thread and forwards, all with the same key.

Wait for the message that unblocks the task

Many agent jobs stall on an email arriving - an OTP, a verification link, a reply. wait_for_message polls the inbox for the specific message the agent needs mid-task, so it can continue without a brittle sleep-and-retry loop.

// Poll a ThreadCamp inbox for an incoming OTP or verification email
const msg = await fetch("https://threadcamp.vercel.app/v1/inboxes/inbox_.../wait", {
  method: "POST",
  headers: { Authorization: "Bearer sk_live_...", "Content-Type": "application/json" },
  body: JSON.stringify({ from: "no-reply@service.com", timeout_s: 120 }),
}).then((r) => r.json());

// -> { "id": "msg_...", "text": "Your code is 481920", ... }

Keep a human in the loop

For anything that sends outward, set the inbox to approve-first. Every agent send is held as a pending draft in a human approval queue; a one-click approval is what actually executes the send. That is how a otp retrieval agent runs unattended without becoming a spam risk.

More use cases

Related jobs

Support agent

hold email conversations with customers, with human approval on replies

Signup automation

sign up for services that require email verification

Outreach agent

send scheduled, approved outreach from a real domain

Powered by the email platform for AI agents and human-in-the-loop approvals.

Questions

How does ThreadCamp support a otp retrieval agent?

Create a real inbox with POST /v1/inboxes, then let the agent retrieve one-time passcodes and 2FA codes mid-task. It reads inbound mail over signed webhooks or polling, uses wait_for_message for time-sensitive replies like OTPs, and can be set to approve-first so a human signs off before anything sends.

Is a otp retrieval agent safe to run unattended?

Each inbox has an autonomy policy - auto, approve-first or notify. Under approve-first every send lands as a pending draft in a human approval queue. Scoped API keys, sandbox mode, rate limits and bounce auto-pause bound the blast radius.

Build your otp retrieval agent today.

No credit card. Full API, MCP and webhooks on the free tier.

Start freeRead the docs