diff --git a/packages/better-auth/src/plugins/one-time-token/index.ts b/packages/better-auth/src/plugins/one-time-token/index.ts
index 790d2283ad..1a49880fc3 100644
--- a/packages/better-auth/src/plugins/one-time-token/index.ts
+++ b/packages/better-auth/src/plugins/one-time-token/index.ts
@@ -8,7 +8,7 @@ import { sessionMiddleware } from "../../api";
 import { generateRandomString } from "../../crypto";
 import type { GenericEndpointContext, Session, User } from "../../types";
 
-interface OneTimeTokenopts {
+interface OneTimeTokenOptions {
 	/**
 	 * Expires in minutes
 	 *
@@ -41,11 +41,11 @@ interface OneTimeTokenopts {
 		| { type: "custom-hasher"; hash: (token: string) => Promise<string> };
 }
 
-export const oneTimeToken = (options?: OneTimeTokenopts) => {
+export const oneTimeToken = (options?: OneTimeTokenOptions) => {
 	const opts = {
 		storeToken: "plain",
 		...options,
-	} satisfies OneTimeTokenopts;
+	} satisfies OneTimeTokenOptions;
 
 	async function storeToken(ctx: GenericEndpointContext, token: string) {
 		if (opts.storeToken === "hashed") {
@@ -146,17 +146,14 @@ export const oneTimeToken = (options?: OneTimeTokenopts) => {
 							message: "Invalid token",
 						});
 					}
+					await c.context.internalAdapter.deleteVerificationValue(
+						verificationValue.id,
+					);
 					if (verificationValue.expiresAt < new Date()) {
-						await c.context.internalAdapter.deleteVerificationValue(
-							verificationValue.id,
-						);
 						throw c.error("BAD_REQUEST", {
 							message: "Token expired",
 						});
 					}
-					await c.context.internalAdapter.deleteVerificationValue(
-						verificationValue.id,
-					);
 					const session = await c.context.internalAdapter.findSession(
 						verificationValue.value,
 					);