The Plivo Verify API lets you programmatically authenticate users via 2FA using SMS and voice calls.
  • Programmatically send one-time passwords (OTP) to users in 190+ countries. Our direct carrier connections and optimized routing ensure high delivery rates and low latency.
  • Take advantage of competitive pricing. Simple usage-based billing means you pay only for what you use.
  • Add verification to your applications in minutes with ready-to-use templates and Getting Started guides.

Life of a 2FA code

Here’s how Plivo generates and uses 2FA code. “Code” is just another way of saying “one-time password.”
  1. Your application uses Plivo’s Verify API to generate a code for your user.
  2. Plivo sends the code to telecom networks using it’s global network to be delivered to the destination phone number.
  3. Plivo returns the delivery status to your application.
  4. The user enters code they received in your web page or application.
  5. You validate that code using the Verify API.

How to use Verify

To start sending codes, you must first set up an application on the Plivo console. An application dictates factors such as the length of the OTP, message expiry interval, and the template to be used. A template defines the context in which the OTP is delivered: “Your ${brand} verification code is ${code},” for example. Once your application is set up, you can start sending messages to users by specifying the application ID and a user’s phone number. Plivo will generate an OTP on your behalf and send it per the template that you specified in your application. You can choose the channels that you want to use — SMS, voice, or both. Plivo provides callbacks that tell your application whether the OTP was delivered. When a user enters an OTP in a web page or an application, you can validate it using the same Verify API. And you can fetch details of one or all OTP requests by using our APIs or checking the console.

Conclusion

The Verify API makes it easy to send OTPs to users over Plivo’s enterprise-grade cloud communications platform. With Verify, you don’t have to manage compliance or security issues. We’ve written several resources to help you get started: