Why not just use Google Authenticator? We want the following user experience: When they enter the correct username and password to log into their account on our website, we would trigger a push notification to their device via the app, and then they would tap Approve/Deny, which response would be sent back to our server (or obtained by polling) to complete the authentication process. (We build all our login/authentication features with custom server code and are comfortable working directly with REST APIs.) We also need the system to provide an Android/iOS app that users can easily install and pair with their website account (perhaps via one-time numeric or QR code). We need a system that provides an API for us to enroll users and send/receive authentication success/failure messages. Once configured with your 2FA tokens, the Authy app can be used to provide updated codes without the need for a constant internet connection.We are looking for a service/API/library to help us implement a push-based two-factor authentication (2FA) system to supplement the existing SMS-based 2FA on our website. If your user is unable to receive calls or messages, they may have better results using the Authy app. Use the Authy app for 2FA codes (for Authy API only) To successfully receive a 2FA code, the number used can’t be behind an extension or go straight to voicemail. Please note, this method will require the user to answer a live phone call, as they will need to enter codes into the phone. If 2FA codes are not arriving via SMS, have your end user attempt to receive the token via phone call. Phone calls usually arrive much faster than SMS, and can be a good alternative to users experiencing issues receiving messages. Notice: If you are experiencing continued, repeatable SMS delivery issues to the same destination country with Verify, please collect 3 or more logs from the last 24 hours, and then escalate these issues to our Twilio Messaging Support team. Have the end user download and install the Authy app (for Authy API verification only).Attempt to deliver OTPs via a phone call.If you can rule out all of the above issues, and non-Authy/Verify text messages are working correctly, an alternative to sending SMS OTPs may be a better temporary solution: Can other devices using the same mobile carrier receive your messages?.Can the device receive SMS from other sources? Some mobile providers may block messages from certain senders or number types - check with the carrier for more details.Is the device connected to the home carrier's network? Message delivery on devices roaming internationally, or off-network, are more likely to fail due to the extra message hops involved and some users having restrictive messaging plans.Does their device have sufficient signal? If not, have them power the device off, wait 30 seconds, and then power it back up.Do you have the right phone number on file for your end user?.If end users are reporting missing OTP SMS from your app, please troubleshoot with the following checklist: If your OTP message shows that it was successfully delivered, you'll want to check with your end user to ensure they are able to successfully receive text messages. Here's an example of what a failed message looks like:Ĭlick the timestamp of a failed attempt to view more details about the message, including a link to troubleshooting for any error codes present. These records show the SMS's delivery status, and any error codes flagged in the delivery of the message. Records from OTP messages sent via Verify can be found in your service's Logs in Console. That said, there are several steps that can be taken for troubleshooting message delivery. SMS is considered a “best effort protocol”, as we can only confirm the message has been successfully delivered to the sending carrier. Any requests sent to the API after May 1, 2023, will automatically receive an error. Notice: After November 1, 2022, we started to deprecate the service for SMS/Voice in the Authy API. This guide covers some of the most common issues developers may encounter, as well as workarounds. Authy and Verify One-Time-Passcodes (OTPs) sent via SMS text messages may not arrive at their destination due to a number of possible causes.
0 Comments
Leave a Reply. |