Docs
BetaSDKsGet startedTalk to salesSign inSupportStatusPricing

App Verify API - Review required permissions

The Telesign App Verify API allows you to easily integrate frictionless phone number verification on iOS and Android using flash calls. This page describes permissions you will need to take into consideration when designing your app.

Follow the latest guidance for Android permissions

It is important to note that Android's permission model has evolved over time, introducing more stringent controls to protect user privacy. As of Android 6.0 (Marshmallow), apps must request certain permissions at runtime, and subsequent versions have continued to refine these requirements.

For instance, accessing call logs has become more restricted. To implement frictionless app verification using the App Verify API, your app must have permission from Google to access call logs. Without this permission, you would need to use the missed call verification method, where the end user manually enters the verification code. (See Review the app verification flow for more information).

Consult these pages and other Android guidance pages to ensure that you are following the latest requirements:

Given these updates, it's crucial to review the latest Android documentation and Telesign's guidelines to ensure your app complies with current permission requirements and best practices. This will help maintain the security and privacy of your users while ensuring the proper functioning of the App Verify API.

Required permissions

Beginning with Marshmallow, you must explicitly request certain permissions you need for your application. This section displays all permissions you may potentially need.

  • android.permission.READ_PHONE_STATE - You must ask the end user to grant this permission.) Allows read only access to the phone's state, and is used to determine the status of any ongoing calls. You need this permission so you can verify that your end user receives a flash call from Telesign.

  • android.permission.CALL_PHONE - (When you ask the end user to grant the READ_PHONE_STATE permission, Android bundles this one in with it.) You need this permission so you can cancel phone calls from Telesign.

  • android.permission.INTERNET - Allows applications to open network sockets.

  • android.permission.ACCESS_NETWORK_STATE - Allows applications to access information about networks.

  • android.permission.READ_CALL_LOG - Allows applications to access end user’s call logs, for the purpose of reading verification codes.

Updated 13 days ago

© 2025 Telesign / Terms & Conditions / Privacy Notice / Privacy Hub