Verify API - Code validity

📘

NOTE:

To add this product to your account, contact a Telesign expert. This product is available for full-service accounts only.

This page explains how to specify the length of the code validity duration, maximum number of attempts, and the length of the code generated by Telesign for any one-time passcode (OTP) method you use. This will enable you tailor verification to suit your needs such as specific limits to match your security requirements. Contact Telesign Customer Support to enable this feature and change the default values.

If this feature not enabled in your account, the default behavior of 300 seconds, 3 maximum attempts allowed, and a 6-digit code is used.

Code validity time duration

This value represents how long, in seconds, that the OTP is valid before an “expired” status response is sent via GET or callback. A few key points to keep in mind:

  • Select a duration from 60 to 300 seconds.
  • The default value is 300 seconds, which is also the maximum duration.
  • The duration is calculated from when a message is sent to a channel.
  • The timer for the duration is reset after each fallback.
  • Status code 3935, Code validity expired is returned for OTP that occur when the validity time duration has expired.

Max number of attempts

This value represents the maximum number of attempts that an end user is allowed to attempt to enter the correct OTP before an Attempts Exceeded status is sent via GET or callback. A few key points to keep in mind:

  • Select an integer between 1 and 5 for the max number of attempts.
  • The default value for maximum number of attempts allowed is 3.
  • If the value specified exceeds the maximum number attempts allowed, status code 3904, Verification failed is returned.

Code length

This value allows you to specify the length of the OTP generated by Telesign. A few key points to keep in mind:

  • Select an integer from 3 to 10 digits long.
  • The default value is 6 digits.