TeleSign is a CPaaS (Communication Platform as a Service) platform that offers programmable voice and SMS services over the cloud.
In this blog post, you will learn to set up a SMS based verification service for achieving two-factor authentication using the Telesign’s SMS Verify API. This API allows online service providers the ability to send SMS passcodes to users to verify their credentials through mobile.
TeleSign SMS Verify API is integrated with Rakuten Rapid API so you can use it straight out of your account.
In case you don’t have an account on Rakuten Rapid API, sign up now and get your universal API key to access the TeleSign SMS Verify API and thousands of other APIs hosted on Rakuten Rapid API.
Setting Up Telesign SMS API
Log on to your Rakuten Rapid API account and search for SMS. You can see a bunch of SMS APIs that are hosted on our platform.
You should be able to quickly locate the Telesign SMS Verify API from the search results.
Click on the TeleSign SMS Verify API and you will be presented with the API console.
TeleSign SMS Verify API is a paid service, hence you need to choose from one of the available pricing plans under the pricing tab.
To try out this service you can subscribe to the $1/month BASIC plan.
Let’s go ahead and explore the TeleSign SMS Verify API.
TeleSign SMS Verify API Overview
SMS based verification is one of the most widely used methods for 2FA (Two-factor Authentication). Due to the scale of Internet usage, it is no longer safe to just rely on a password for securing access to online services. A 2FA mechanism allows service providers to gain evidence about the authenticity of the user’s actions through an alternate mechanism, which, in this case, is the smartphone.
So how can you leverage TeleSign SMS Verify API? Here are some use cases.
User Account Verification
If you are building a web-based service that requires users to login, then apart from the usual username & password-based authentication, you can additionally verify the user’s authenticity by sending them a passcode on their smartphone. This is one of the most secure ways of logging in, Since a smartphone is a personal device only accessible to the user, the user’s account is not compromised even if the password gets revealed.
Phone Number Validation
There are a lot of services that are based on mobile apps. In such cases, it is important to verify the phone number of the user’s mobile/smartphone before they even start using the service. A one-time passcode sent to the user’s phone suffices the verification step if the user enters the same passcode on the verification screen of the app.
We hear about users availing services from eCommerce stores, payment wallets and OTT subscriptions all the time. Since these transactions are monetary in nature, it is always better to have an additional guard at the payment process to prevent misuse of the user’s account. A one-time password (OTP) sent via SMS to the user’s phone ensures that each transaction is authorized by the user after seeing the OTP.
SMS API Endpoint
The TeleSign’s SMS Verify API is really a very simple and straightforward API call that accepts a phone number and the passcode.
To test this API from the Rakuten Rapid API console, enter your phone number in the phoneNumber field (by prefixing the country code without the ‘+’ sign) and enter some random code in the verifyCode field. Click on “Test Endpoint” and you should see a successful API response.
And within a few seconds, you should also get an SMS on your phone with the value that you entered for verifyCode field.
Did you get that? That’s all about using this API. It can’t get simpler than that.
In case you didn’t get the SMS, make sure that you keyed in the right phone number and also check the API response. If you got a non 2XX HTTP response then there can be an issue with TeleSign’s coverage in your country. You can request for coverage details from TeleSign to check if your country or carrier is supported by them.
Sending SMS Programmatically
For real-world applications, you can call the TeleSign SMS Verify API endpoint programmatically using your favorite programming language.
The Rakuten Rapid API console provides code snippets for invoking the APIs. Choose the language and the library and you will have it displayed.
Here is a quick and short python program to call this API using the Python2 unirest library.
Copy this code in a text editor, replace the <YOUR_RAKUTEN_RAPIDAPI_KEY> and <YOUR_RAKUTEN_RAPIDAPI_HOST> placeholders with your API key and host domain displayed under the “Header Parameters” section in the API console, and save the file.
You must also ensure that you have the Python unirest library installed under your Python2 runtime environment. This library is used to invoke the API call from within the Python code. In case you don’t have it, use the pip utility to install it,
pip install unirest
Now you can run the program. It will prompt you to enter a phone number and passcode. Afterward, you should see the SMS coming with the same passcode.
You can integrate this code in the backend server logic of an application that handles 2FA for user login The typical sequence of events for handling 2FA with this API will be like this.
Do More With SMS APIs
Under the basic plan, TeleSIgn does not provide a custom phone number. However, you can purchase a phone number from TeleSign directly and use that as a sender phone number for SMSs. That way, the SMS message will look more genuine.
Additionally, you can try out the other TeleSign APIs integrated with Rakuten Rapid API.
In case you are looking for more options for SMS APIs, we have got you covered. Check out our Top 10 SMS APIs and take your pick.
That’s it for now. We will be back soon with yet another API tutorial to ease your development chores. Good luck with TeleSIgn SMS Verify and do not hesitate to contact us in case you need any support.