In our application We have multiple firm setup and Within the firm, there are multiple users. So We want two way communication between firm number and user's number. In this, Whenever User registers a firm, we have to setup firm's phone number as long codes on Twilio account through programming way so that this firm can use this phone number for sending or receiving sms to/from firm's user. How can we do it in Twilio? Please provide specific link or advice.
Twilio Evangelist here.
Check out the Phone Numbers API docs.
The AvailablePhoneNumbers resource lets you search for phone numbers:
curl -G https://api.twilio.com/2010-04-01/Accounts/ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/AvailablePhoneNumbers/US/Local.json \
-d "AreaCode=510" \
-u 'ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:your_auth_token'
the IncomingPhoneNumbers resource lets you purchase phone numbers:
curl -X POST https://api.twilio.com/2010-04-01/Accounts/ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/IncomingPhoneNumbers.json \
--data-urlencode "FriendlyName=My Company Line" \
--data-urlencode "PhoneNumber=+15105647903" \
--data-urlencode "VoiceMethod=GET" \
--data-urlencode "VoiceUrl=http://demo.twilio.com/docs/voice.xml" \
-u ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:your_auth_token
and update purchased phone numbers:
curl -X POST https://api.twilio.com/2010-04-01/Accounts/ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/IncomingPhoneNumbers/PN2a0747eba6abf96b7e3c3ff0b4530f6e.json \
--data-urlencode "AccountSid=ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" \
--data-urlencode "SmsUrl=http://demo.twilio.com/docs/sms.xml" \
--data-urlencode "VoiceUrl=http://demo.twilio.com/docs/voice.xml" \
-u ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:your_auth_token
Hope that helps.
Related
We are trying to migrate the TOTP factor from Authy to Verify API in Twilio. We reference the following article for the same
https://www.twilio.com/docs/authy/export-totp-secret-seed-for-migrating-to-verify-totp#export-totp-secret-seed-of-a-user
From above URL, we were able to pinpoint how to extract the secret created in the Authy. But, we are unsure as to how a secret extracted from the Authy can be used to create a factor in the Verify API. Can you please tell us in detail how to achieve the same?
Since I don't know what programming language you're using, I'll use cURL commands and you can translate those HTTP requests into your language of choice.
First, you'll need to ask Twilio support to enable the migration tools for your Authy app. They will ask you for Authy app ID which you can find in the URL of the Twilio Console when you navigate to your Authy app.
Then you can use the export TOTP secret API that you linked earlier:
curl -i "https://api.authy.com/protected/json/users/$AUTHY_USER_ID/secret/export" \
-H "X-Authy-API-Key: $AUTHY_API_KEY"
$AUTHY_USER_ID is the individual Authy User ID for which you are
trying to move their TOTP factor to the Verify service.
$AUTHY_API_KEY is the API key for your Authy App.
The output will look like this:
{"secret":"[REDACTED]","otp":"[REDACTED]","success":true}
The secret is what you need to create a Factor in the Verify service
The otp is the one time passcode, the same as what the user would see in their TOTP consumer app (Authy/Google Authenticator/etc).
Now you can use the Verify API to create a new Factor:
curl -X POST "https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/Entities/$IDENTITY/Factors" \
--data-urlencode "Binding.Secret=$EXPORTED_AUTHY_SECRET" \
--data-urlencode "Config.Alg=sha1" \
--data-urlencode "Config.TimeStep=30" \
--data-urlencode "Config.CodeLength=6" \
--data-urlencode "Config.Skew=1" \
--data-urlencode "FriendlyName=John's Phone" \
--data-urlencode "FactorType=totp" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN
$VERIFY_SERVICE_SID is the SID of your Verify Service.
$IDENTITY is a unique ID for your user, length between 8 and 64 characters, generated by your external system, such as your user's UUID, GUID, or SID. If the identity does not exist yet, it'll be created automatically as part of this API call.
$EXPORTED_AUTHY_SECRET is the secret that was returned by the Authy Export API earlier.
$TWILIO_ACCOUNT_SID is your Twilio Account SID.
$TWILIO_AUTH_TOKEN is your Twilio Auth Token.
This API call is documented here: https://www.twilio.com/docs/verify/quickstarts/totp#create-a-new-totp-factor
You can use the otp returned by the Authy Export API to verify the new Factor you created:
curl -X POST "https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/Entities/$IDENTITY/Factors/$FACTOR_SID" \
--data-urlencode "AuthPayload=$OTP_CODE" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN
$FACTOR_SID is the SID of your newly created Factor.
$OTP_CODE is the otp code returned by the Authy Export API.
This API call is documented here: https://www.twilio.com/docs/verify/quickstarts/totp#verify-that-the-user-has-successfully-registered
That's it! If you want to verify your user's OTP code, you can create a challenge like this:
curl -X POST "https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/Entities/$IDENTITY/Challenges" \
--data-urlencode "AuthPayload=$OTP_CODE" \
--data-urlencode "FactorSid=$FACTOR_SID" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN
$OTP_CODE is the otp code given to your application by your user.
This API call is documented here: https://www.twilio.com/docs/verify/quickstarts/totp#validate-a-token
When exporting from Authy API and creating new factors in Verify, you need to do this quickly so you can verify the new factor using the OTP code given from the Authy export. Here's how I did it for a single Authy user using a bash script:
#!/bin/bash
EXPORTED_RESPONSE=$(
curl -s "https://api.authy.com/protected/json/users/$AUTHY_USER_ID/secret/export" \
-H "X-Authy-API-Key: $AUTHY_API_KEY"
)
echo "$EXPORTED_RESPONSE"
EXPORTED_AUTHY_SECRET=$(echo -n "$EXPORTED_RESPONSE" | jq -r .secret)
OTP_CODE=$(echo -n "$EXPORTED_RESPONSE" | jq -r .otp)
IDENTITY=$(uuidgen)
NEW_FACTOR_RESPONSE=$(curl -s -X POST "https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/Entities/$IDENTITY/Factors" \
--data-urlencode "Binding.Secret=$EXPORTED_AUTHY_SECRET" \
--data-urlencode "Config.Alg=sha1" \
--data-urlencode "Config.TimeStep=30" \
--data-urlencode "Config.CodeLength=6" \
--data-urlencode "Config.Skew=1" \
--data-urlencode "FriendlyName=John's Phone" \
--data-urlencode "FactorType=totp" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN)
echo "$NEW_FACTOR_RESPONSE"
FACTOR_SID=$(echo -n "$NEW_FACTOR_RESPONSE" | jq -r .sid)
VERIFY_FACTOR_RESPONSE=$(curl -s -X POST "https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/Entities/$IDENTITY/Factors/$FACTOR_SID" \
--data-urlencode "AuthPayload=$OTP_CODE" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN)
echo "$VERIFY_FACTOR_RESPONSE"
The various environment variables that were described earlier should be set prior to executing this.
Current Jenkins parameter looks like below and <input_paramter> are the actual values to be substituted over there.
I have an idea on how to pass string parameters or json parameters separately but unsure how to handle them both simultaneously.
Referred Jenkins documentation as well as multiple questions posted on this forum, but could not figure that out.
curl -X POST https://myjenkins.instance/build \
-H 'Content-Type: application/json' \
--user user:token \
FILE_PATH="/home/mac/results" \
PACKAGE_VERSION=64 \
<how to handle the json parameters>
What is the proper way to make client_id a mandatory param for password grant type?
Using this request I want to make client_id a mandatory value and let the OAuth2 framework to compare it with the result returned into the method loadClientByClientId
curl --location --request POST 'http://localhost:8080/engine/oauth/token' \
--header 'Authorization: Basic YWRtaW46cXdlcnR5' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'username=admin' \
--data-urlencode 'password=qwerty' \
--data-urlencode 'client_id=some_value' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'scope=read_profile'
What is the best way to implement this?
You could try implementing a custom OAuth2RequestValidator with method validateScope(TokenRequest tokenRequest, ...) from the docs
Ensure that the client has requested a valid set of scopes.
which has access to TokenRequest.getRequestParameters()
EDIT
See also the docs for the TokenEndpoint
Clients must be authenticated (...) to access this endpoint, and the client id is extracted from the authentication token. (...)
I'm in the process of updating Keycloak straight from version 6.0.1 to 11.0.0, the db migration was successful and was able to login into admin console, however the token generation seems to be broken, I'm sending below curl to generate token
curl --location --request POST 'http://localhost:8480/auth/realms/test/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'username=testUser' \
--data-urlencode 'password=testPassword' \
--data-urlencode 'scope=testRole' \
--data-urlencode 'client_id=testService' \
--data-urlencode 'client_secret=testServiceSecret'
On sending above request Keycloak complains of Invalid Scopes: testRole, however I've verified the role and user role mappings are in place and this used to work well with Keycloak 6.0.1.
Just on side note, our clients are Full scoped, so it something that is causing issue? Or something else have got changed or is there a way to ignore invalid scopes altogether while generating token?
In my rails app I am using balanced payments api for credit card transactions. According to the documentation after I collect the info I must run these curl commands. However, I cant figure out what's what. So I can't really use it because I don't know what variables to replace and how to even get them. This is a snippet of their documentation.
Let's charge the card:
First, let's create an account to associate the card token with:
curl https://api.balancedpayments.com/v1/marketplaces/TEST-MP6NFmfjuy4Os0LSSywJbmk0/accounts \
-u df6000d8f2ec11e294cf026ba7cd33d0: \
-d "card_uri=/v1/marketplaces/TEST-MP6NFmfjuy4Os0LSSywJbmk0/cards/CCwpuGSqIjnOxUoUrSE4IdV"
Associate the token with an account:
curl https://api.balancedpayments.com/v1/marketplaces/TEST-MP6NFmfjuy4Os0LSSywJbmk0/accounts/AC6VSiS3WD7G1z1BjrMIL4Kk \
-u df6000d8f2ec11e294cf026ba7cd33d0: \
-X PUT \
-d "card_uri=/v1/marketplaces/TEST-MP6NFmfjuy4Os0LSSywJbmk0/cards/CC6XpIuz7jymGcPIkCREtx2K"
Debit the account:
curl https://api.balancedpayments.com/v1/marketplaces/TEST-MP6NFmfjuy4Os0LSSywJbmk0/accounts/ACwPcWVArKDYEdOJ8bRHg9w/debits \
-u df6000d8f2ec11e294cf026ba7cd33d0: \
-d "amount=1000"
So I can understand that /v1/marketplaces/TEST-MP6NFmfjuy4Os0LSSywJbmk0 is my test marketplace URI but what are these other values?
df6000d8f2ec11e294cf026ba7cd33d0
CCwpuGSqIjnOxUoUrSE4IdV
AC6VSiS3WD7G1z1BjrMIL4Kk
Any thoughts would be appreciated. Thanks!
Have you considered using the balanced ruby client?
https://github.com/balanced/balanced-ruby
https://docs.balancedpayments.com/current/api.html?language=ruby
Also, I believe they have an example marketplace Rails app:
https://github.com/balanced/rentmybikes-rails