TRex | Posts: 5

SMS authentication

0 votes
I'm trying to use SMS authentication for my signers, but I can't figure out how to format this in my JSON. Any ideas?

Approved Answer
mwilliams | Posts: 957

Reply to: SMS authentication

4 votes
Hey Rex, When you set up SMS authentication, you'd just set the mobile number as the "question" with no "answer". It would look something like:
"auth": {
     "scheme": "SMS",
     "challenges": [{
           "question": "+15555555555"
     }]
}
Hope this helps.

TRex | Posts: 5

Reply to: SMS authentication

0 votes
Thanks again, Michael.

Madeva | Posts: 29

Reply to:

0 votes

Hi, Michael

 

Thanks for the solution,

 

is there any restriction on the length of the mobile phone number?
 

As different countries around the world have different formats for their phone numbers. so how to handle this?

 

 

Regards,

Madeva


Madeva | Posts: 29

Reply to:

0 votes

Sorry for the multiple posts, due to the bad network caused multiple posts.

 

 

Regards,

Madeva


Duo_Liang | Posts: 3776

Reply to: SMS authentication

0 votes

Hi Madeva,

 

The SMS length limitation varies when the country code changes. Here's how it works internally: the third-party library OSS is utilizing will first detect the first few digits for country code, and if detected, it will keep detecting area code if applicable, and finally check rest digits against the format. So when the country code is clear, the length should be fixed, for example:
A particular canadian number, the standard format is: starting with "1", following with 3 digits area code, then 7 digits number. If you input as "15141234567", (514 is montreal area code), no shorter or longer digits are acceptable.

 

Duo


Madeva | Posts: 29

Reply to:

0 votes

Hi Duo,

 

Thanks for the reply,

I need to understand how to handle when we give an invalid mobile number while the configuration of 2 factor SMS authentication!

do we have an event to track that?

 

Regards,

Madeva


Duo_Liang | Posts: 3776

Reply to: SMS authentication

0 votes

Hi Madeva,

 

If it's a format error like unrecognized country code, or wrong length if country code is recognizable, you can expect the API to return an 400 error for such validations:

{
    "messageKey": "error.validation.invalidPhoneNumber",
    "message": "TOO_LONG",
    "code": 400
}

(The "message" may not reflect the real issue though)

 

However, if it only failed when delivering the text messages, I'm afraid there's no specific callback for this event for now. The callback event which matches this scenario the most might be the "Recipient locked", which gets triggered when the signer failed to validate for too many times. 

 

Duo

 


luana.fernandes | Posts: 9

Reply to:

0 votes

Hi Michael! Thanks for your answer!

What if I wanted to authenticate using a certificate, what would be the scheme name?

Thank you!


luana.fernandes | Posts: 9

Reply to:

0 votes

Hi Michael! Thanks for your answer!

What if I wanted to authenticate using a certificate, what would be the scheme name?

Thank you!


Hello! Looks like you're enjoying the discussion, but haven't signed up for an account.

When you create an account, we remember exactly what you've read, so you always come right back where you left off