How to implement fast 2FA (Two Factor Authentication) for users in Jordan
In this tutorial we will show you how you can easily send an SMS (Text Message) to mobile numbers in amman , Jordan using RESTFUL API (Application Programming Interface), in this tutorial we will create 2FA (Two Factor Authentication) which is very useful to secure online transactions, account sign ins, mobile apps, websites and more by providing 2-factor authentication with One-Time Passwords to your users.
Using this REST API, you can send and receive SMS messages, track the delivery of sent messages, and retrieve and modify messages.
This tutorial will walk you through the steps of setting up your own two-factor authentication service.
User enters your application
User visits your website or mobile app and attempts to log into his account, authorize a transaction, or perform another action that requires two-factor authentication from a new device.
User is prompted to enter his phone number
Restcomm receives the login attempt and prompts the user to enter his phone number in order to authorize the new device.
PIN code is sent to the user via SMS
Once the user enters a valid phone number, from your application you will need to ask Restcomm to send a verification code to that phone number by using the HTTP REST API Call Below.
Sending a verification code requires basic authorization that includes your account SID and auth token. Below is the format you have to use in order to send a verification code to the user’s phone number.
Sending One-Time Passwords – API Reference
Base Resource URI
https://cloud.restcomm.com
Verification Code Resource URI
/2fa/send
Supported Operations
HTTP POST: Send a verification code through SMS to the specified Phone Number
Request Parameters
| Parameter | Description |
|---|---|
|
service |
The name of your service |
|
from |
The Phone number that is sending the SMS containing the verification code. |
|
to |
The Phone number to send the SMS containing the verification code to. |
|
body |
The content of the SMS. Use {code} as a placeholder for the location of the verification code in your SMS content. This {code} will be replaced automatically with a random code generated by the system |
{
"service" : "Restcomm", // the name of your service
"from" : "MyApp", // the SMS sender phone number
"to" : "9627903200xx", // the SMS recipient phone number
"body": "Your verification code is: {code}" // SMS body, containing the verification code
}
In Jordan you’re required to fill this from to verify and whitelist your Sender ID with the MNO (Mobile Network Operator)
From the bash terminal you can run the command below:
curl -X POST \
https://cloud.restcomm.com/2fa/send \
--user ' {your_account_SID}:{your_account_token}' \
-H 'Cache-Control: no-cache' \
-H 'Content-Type: application/json' \
-d '{
"service" : "Restcomm",
"from" : "MyApp",
"to" : "9627903200xx",
"body": "Your verification code is: {code}"
}
User enters the PIN to complete app activation
User receives the one-time PIN code via SMS, gets back to your application and enters it in order to complete the verification process. Verifying the code is simple and requires basic authorization that includes your account SID and auth token.
Verifying One-Time Passwords – API Reference
Base Resource URI
https://cloud.restcomm.com
Verification Code Resource URI
\/2fa/verify
Supported Operations
HTTP Method: POST: Verify the code that was sent through SMS to the Phone Number
Request Parameters
| Parameter | Description |
|---|---|
|
service |
The name of your service |
|
number |
The Phone number where the SMS containing the verification code was sent to. |
|
code |
The verification code that was sent to the user through SMS. |
Example:
{
"service" : "Restcomm", // the name of your service
"number" : "+XXXXXXXXXX", // the phone number of the SMS recepient
"code": "XXXXX" // the verification code
}
From the bash terminal you can run the command below:
curl -X POST \
https://cloud.restcomm.com/2fa/verify \
--user ' {your_account_SID}:{your_account_token}' \
-H 'Cache-Control: no-cache' \
-H 'Content-Type: application/json' \
-d '{
"service" : "Restcomm",
"number" : "+13216549879",
"code": "294228"
}
You can also test your service using Postman or any other alike client.