Verify API - Verify with Telesign code
NOTE:
To add this product to your account, contact a Telesign expert. This product is available for full-service accounts only.
This page walks you step-by-step through how to use Telesign Verify API to send a message using your preferred channel to an end-user with a verification code generated by Telesign. It also explains how to test if input from an end-user matches that code, so you can complete verification.
NOTE:
Keep in mind that there are two options for generating the code: you can either generate it yourself or we can generate it for you.
Before you begin
- Ensure that you have set up the required integrations for each communication channel you intend to use. For SMS, register for a Sender ID. For WhatsApp, Viber, RCS, and email, follow the setup instructions.
- (Optional) Contact our Customer Support Team to configure any of these optional features:
- Fixed routing by country: Fixed routing allows you to manage verification methods for each country.
- Code validity: You can change time duration in seconds after which a verification code expires. The default time is 300 seconds.
- Code length: You can specify the length of the OTP generated by Telesign. Length can range from 3 to 10 digits. Default value is 6 digits.
- Fallback times: You can change time to wait before cascading to the next channel. The default fallback times are either 60 or 120 seconds, depending on the verification method.
- Max attempts: The maximum number of attempts that an end user is allowed to attempt to enter the correct OTP. If this number is five, for example, an end user's sixth submission is rejected, even if it matches the original code.
- Templates: You can create templates for each channel.
Send OTP
Keep the reference pages Create a verification process and Retrieve a verification process open in another window while you work on these steps.
Send the request
- Send a Create a verification process request to the Verify API. Include the following param values:
Parameter | Value | Description | Required? |
---|---|---|---|
recipient.phone_number | Digits without spaces or special characters, beginning with the country dialing code. | The recipient's phone number | yes |
verification_policy[0].method | A name of the preferred verification method. | One of the verification methods included in a verification policy. | Required only if the preferred verification method for this request is not already defined as the primary verification method for this account's default verification policy. |
verification_policy[0].fallback_time | A time in seconds. | The time window in seconds that the service waits before abandoning the current verification method and then initiating verification using the next method. | No. In case you don’t specify the fallback time, default fallback time is used. |
verification_policy[1].method | A name of the fallback verification method. | One of the verification methods included in a verification policy. This is your backup method. | No, but recommended in case your recipient cannot be reached by the preferred verification method. |
message_template.name | A string consisting only of lowercase alpha characters and underscores. | A name of the template that is used for this request. | No. If you do not declare a template, Verify API will use a default template. |
Note that the security_factor
is not included in the table, as it should not be provided if you would like Telesign to generate a code for you.
Request
POST /verification HTTP/1.1
Authorization: Basic 12345678-9ABC-DEF0-1234-56789ABCDEF0:Uak4fcLTTH/Tv8c/Q6QMwl5t4ck=
Content-Type: application/json; charset=utf-8
Host: verify.telesign.com
{
"recipient": {
"phone_number": "11234567890"
},
"verification_policy": [
{
"method": "whatsapp",
"fallback_time": 30
},
{
"method": "sms",
"fallback_time": 30
}
],
"message_template": {
"name": "verification_template"
}
}
- The service then sends a message, replacing the
{{otp_code}}
variable in the message template with the code generated by Telesign. In this example, the preferred channel is WhatsApp. If the WhatsApp channel fails, the fallback method is SMS.
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"reference_id": "0123456789ABCDEF0123456789ABCDEF",
"recipient": {
"phone_number": "11234567890"
},
"state": "ONGOING",
"verification_policy": [
{
"method": "whatsapp",
"fallback_time": 30
},
{
"method": "sms",
"fallback_time": 30
}
],
"status": {
"code": 3901,
"description": "Request in progress"
}
}
- Save the value of the property
reference_id
from the response. You will need it to complete the verification flow. - The
status.code
andstatus.description
properties in the response indicate the preliminary delivery status of the SMS.
NOTE:
The
status.code
property gives you status of delivery to the destination carrier, not necessarily all the way to the end-user.
Complete verification and get delivery status
Once your end-user has submitted a potential code through your application, complete the verification flow with a second API call.
- Send an Update a verification process request to the Verify API. This is to provide Telesign with the asserted OTP from the end user.
- Include the
reference_id
for the transaction in thereference_id
path parameter.
Parameter | Value | Description | Required? |
---|---|---|---|
action | finalize | Specifies how you want to change the verification state for this verification process. | yes |
security_factor | A string consisting of a series of numeric digits. | The end user's asserted one-time passcode (OTP). | yes |
Request
PATCH /verification/0123456789ABCDEF0123456789ABCDEF/state HTTP/1.1
Authorization: Basic 12345678-9ABC-DEF0-1234-56789ABCDEF0:Uak4fcLTTH/Tv8c/Q6QMwl5t4ck=
Content-Type: application/json; charset=utf-8
Host: verify.telesign.com
{
"action": "finalize",
"security_factor": "5724433"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"status": {
"code": 3900,
"description": "Verified"
}
}
- The
status.code
andstatus.description
properties in the payload of that response indicate the delivery status all the way to the end-user.
Updated about 1 month ago