TRex

SMS authentication

0 votes
I'm trying to use SMS authentication for my signers, but I can't figure out how to format this in my JSON. Any ideas?

Approved Answer

Reply to: SMS authentication

4 votes
Hey Rex, When you set up SMS authentication, you'd just set the mobile number as the "question" with no "answer". It would look something like:
"auth": {
     "scheme": "SMS",
     "challenges": [{
           "question": "+15555555555"
     }]
}
Hope this helps.

- Michael

Director, Partner and Developer Technologies, OneSpan

Facebook - Twitter - LinkedIn


Reply to: SMS authentication

0 votes
Thanks again, Michael.

Reply to:

0 votes

Hi, Michael

 

Thanks for the solution,

 

is there any restriction on the length of the mobile phone number?
 

As different countries around the world have different formats for their phone numbers. so how to handle this?

 

 

Regards,

Madeva


Reply to: SMS authentication

0 votes

Hi Madeva,

 

The SMS length limitation varies when the country code changes. Here's how it works internally: the third-party library OSS is utilizing will first detect the first few digits for country code, and if detected, it will keep detecting area code if applicable, and finally check rest digits against the format. So when the country code is clear, the length should be fixed, for example:
A particular canadian number, the standard format is: starting with "1", following with 3 digits area code, then 7 digits number. If you input as "15141234567", (514 is montreal area code), no shorter or longer digits are acceptable.

 

Duo

Duo Liang OneSpan Evangelism and Partner Integrations Developer


Reply to: SMS authentication

0 votes

Hi Madeva,

 

If it's a format error like unrecognized country code, or wrong length if country code is recognizable, you can expect the API to return an 400 error for such validations:

{
    "messageKey": "error.validation.invalidPhoneNumber",
    "message": "TOO_LONG",
    "code": 400
}

(The "message" may not reflect the real issue though)

 

However, if it only failed when delivering the text messages, I'm afraid there's no specific callback for this event for now. The callback event which matches this scenario the most might be the "Recipient locked", which gets triggered when the signer failed to validate for too many times. 

 

Duo

 

Duo Liang OneSpan Evangelism and Partner Integrations Developer


Hello! Looks like you're enjoying the discussion, but haven't signed up for an account.

When you create an account, we remember exactly what you've read, so you always come right back where you left off