In my app user needs to verify his phone number to complete the registration process means when the user tries to register with phone number, a verification code will be send to his device. on inserting the code, the app should allow him to register , regarding this I am using twilio as SMS gateway. Does anybody has a sample code, so that I can through the code to check how this process is going to intiate.
Twilio developer evangelist here. There are a variety of blog posts that show you how to accomplish this around the Internet. For example:
A phone verification system with PHP and MySQL
Phone verification with Ruby and Rails
Phone verification using JavaScript and Parse
Or, if you want something even easier, Authy is a service that handles all the verification you need through just a few API calls.
Hope this helps.
Related
We currently have a solution where we implement 2FA ourselves over Twilio Programmable SMS.
We're also using Twilio Verify for Payment PSD2 authorization.
We're now looking to migrate everything to Authy to make use of the Authy app and I have the following questions that I'm hoping you can help me with.
User Migration. I understand in authy, users need to be registered to our application. How can I register all our current users? Is there any way to bulk upload them, or do I have to write a script that calls the API to register them one by one?
User Number phone update. Sometimes our users will update their phone or email in our system. If that happens, how do I update that info in Authy? I couldn't find anything in the docs about that. Do I need to call the api to remove the user and readd with the new info?
Migrating from Verify PSD2 to Authy PSD2. Is the implementation very different? Is there any sample I can look through, as the documentation seems to mainly be talking about QR codes, while what we want to do, is to send it over SMS or Authy depending on the user's choice.
Thanks for your help
Sam
Twilio developer evangelist here.
You will need to write a script to register your users. When you have registered a user, you will receive an authy_id for the user, which you will need to store with your user record.
If a user updates their phone number then you should update the Authy user. To do so, you will want to delete the old user and re-register with the new phone number. You will then receive a new authy_id and you should re-confirm the user can authenticate by challenging them for a new code before you complete the update. If the user updates their email then you can do the same process of deleting and creating a new user though you should receive the same authy_id back if the phone number hasn't changed (though this will add the email address to Authy's representation of the user).
Check the documentation on PSD2 compliant authentication with Authy here. If you are sending SMS messages, then you should set the action and action_message parameters, which tie the message to the authentication. For the app based authentications you can do it via Push Notifications (in which you can include transaction details in the push). If you don't want to implement push, then you do need to get your user to scan a QR code in order to tie the transaction to the authentication (the regular code generated by the app is not connected to a transaction, so is ineligible for PSD2 authentication).
Let me know if this helps at all.
Hey Guys I have an upgraded paid Twilio account and I'd like to send SMS without phone number verification through my Rails app.
Is there a way to do this?
Please advise
Thank you
Twilio developer evangelist here.
The phone number verification for SMS is only a restriction to trial accounts. Once you have upgraded your account you will be able to send SMS messages to any number (though we recommend you get consent for that activity from the end user, of course).
If you are finding that you can't send messages without verifying the number and you have upgraded the app, then please get in touch with Twilio support and they will figure out what is wrong with your account.
I'm confused on how exactly to verify a phone with Authy.
I have a C#/MVC view that accepts a country code and phone number and I call AuthyClient.RegisterUser and that works fine. I store the AuthyId that comes back.
I then call AuthyClient.SendSms with force=true. <--- does this send them a verification code?
My test user didn't even enter a code on my site and in Twilio, he's showing as verified. Is that because he opened up the Authy app after getting registered?
Are there multiple ways to verify a phone then?
Twilio developer evangelist here.
The API requests you are making here, starting with the call to AuthyClient.RegisterUser is actually the way that you perform two factor authentication with the Authy APIs.
To verify a phone with Authy you only need to make two API calls. The first sends a verification code and the second requires the user to input the code they received and then verifies it.
I can see you're using the authy.net library, which is sadly archived on GitHub now because it wasn't kept up to date. I'm not a .NET developer, but from what I can see in the codebase it didn't support the Verify endpoints. For this reason, I'd recommend you construct the HTTP requests yourself.
Take a read through the Verify documentation, it has all the URLs you need to make requests to including the required parameters. Let me know how you get on with that.
my client has registered to Twilio from US. I am developer and using Twilio service for testing purpose in India. I am sending text message to send One time password(OTP) to a mobile no in India for which DND is activated. I am not able to receive OPT via text message. Help me.
Twilio developer evangelist here.
I'm afraid the DND list is the top limitation of Twilio in India right now. You can check the details here.
You could, if you were interested, try using Authy (a different Twilio service) to send OTPs to your users. If they have a smart phone, they can then install the Authy application and generate their OTPs on their devise without the need for an SMS. Check out the Authy documentation for how to get started.
I've seen several applications that use Twilio for SMS verification go from:
Sending the user a 4-5 digit code to enter on their handset
to
Pre-filling a 32+ character SMS message that the user sends from their device to the services Twilio number.
Is there any documentation out there on how to implement an approach like this?
Twilio evangelist here.
It sounds like your asking two different questions, one regarding two factor authentication and one regarding autocreating an SMS message on the device for the user to sent to Twilio.
If I've got that correct, then I'd start be working through the Two-Factor Authentication How To article that walks through setting up SMS-bsased two factor authentication.
Another resource to check out is the Add Two-Factor Authentication to your Website with Google Authenticator and Twilio SMS blog post.
As far as generating a text message on a device, I think that is going to greatly depend on what kind of mobile device you are targeting.
Hope that helps.