Silent Verification API - Overview

Use this API to verify an end user via mobile device data associated with their device, without any additional action by the end user.

General Requirements

  • Base URL: verify.telesign.com
  • Protocols: https
  • Authentication: Basic
  • Encoding: Accepts only UTF-8 unicode characters as inputs.
  • Accepts: application/json
  • Responds With: application/json
  • Required Headers: Content-Type - json

Basic Usage

Step 1: Initiate Verification

a. USER initiates login on your website or app (CLIENT).

b. CLIENT checks if device is connected to a mobile network or a wireless network. If connected to a wireless network, CLIENT connects the device to a mobile network instead, but saves the original connection details.

❗️

WARNING

If connection to a mobile network cannot be established, you cannot use Silent Verification. We recommend adding a fallback verification method like our SMS Verify API.

c. CLIENT sends a request to initiate login to your SERVER.

d. SERVER makes a request to TELESIGN to initiate verification, including the user's phone number.

e. TELESIGN responds to this request with requirements for the CLIENT to make a verification call directly to the carrier (including a verification URL) and a TeleSign reference ID (that identifies this whole verification-flow instance).

f. SERVER sends those verification call details to the CLIENT.

Step 2: Establish Session

a. CLIENT makes a request directly to CARRIER at that verification URL. Automatic header enrichment provides the device details that the CARRIER uses to check if this verification is legitimate or not.

b. CARRIER responds to CLIENT.

Step 3: Finalize Verification

a. Once it receives the response (regardless of success or failure), CLIENT takes the payload of that response, stringifies it, and includes it in the payload of a request to your SERVER to finalize registration.

b. SERVER makes a request to TELESIGN to finalize verification that both passes on that verification string and also includes the reference ID from earlier for this whole verification attempt.

c. TELESIGN checks with the CARRIER, and then sends a response to the SERVER telling you if the verification match was successful or not.

d. SERVER logs in the CLIENT or sends them an error failing login, based on this verification status.

e. CLIENT renders the appropriate experience for the USER (logged-in or error state).

f. If the device was originally connected to a wireless network before initiating Silent Verification, CLIENT switches it back to the original wireless network connection settings selected by the USER.

Documentation by Category

  • Reference: Go here if you are familiar with the API at a high-level, and want to look up technical specs for the API and each of its actions.
    • POST /silent/initiate - Use this action to initiate silent verification of a user.
    • POST /silent/finalize - Use this action to check for final verification status, after the client receives a response from the carrier.

Did this page help you?