Skip to contentSkip to navigationSkip to topbar
Twilio Docs
On this page

Twilio Verify Phone Verification Ruby on Rails Quickstart

(warning)

Warning

Verify v1 API has reached End of Sale. It is now closed to new customers and will be fully deprecated in the future.

For new development, we encourage you to use the Verify v2 API. v2 has an improved developer experience and new features, including:

  • Twilio helper libraries in multiple languages
  • PSD2 Secure Customer Authentication Support
  • Improved Visibility and Insights

Existing customers will not be impacted at this time until Verify v1 API has reached End of Life. For more information about migration, see Migrating from 1.x to 2.x.

Phone Verification is an important, high-confidence step in a registration flow to verify that a user has the device they claim to have. Adding Twilio Verify phone verification to your application will greatly reduce your number of fraudulent registrations and protect future application users from having their numbers registered by scammers.

This quickstart guides you through creating a Ruby(link takes you to an external page), Rails(link takes you to an external page) and AngularJS(link takes you to an external page) app that requires a phone verification step to create an account. Two channels of Phone Verification are demoed:

  • SMS
  • Voice

Ready to add phone verification to a demo app? Enter stage left!

Sign Into or Create a Twilio Account

sign-into-or-create-a-twilio-account page anchor

Either sign up for a free Twilio trial, or sign into an existing Twilio account(link takes you to an external page).

Create a New Account Security Application

create-a-new-account-security-application page anchor

Once logged in, visit the Authy Console(link takes you to an external page). Click on the red 'Create New Application' (or big red plus ('+') if you already created one) to create a new Authy application then name it something memorable.

Authy create new application.

Twilio will redirect you to the Settings page next:

Account Security API Key.

Click the eyeball icon to reveal your Production API Key, and copy it somewhere safe. You will use the API Key during the application setup step below.

Clone and Setup the Verification Application

clone-and-setup-the-verification-application page anchor

Start by cloning our Ruby on Rails repository.(link takes you to an external page) Enter the directory and use bundle to install all of our dependencies:

bundle install
  1. Open the file config/application.example.yml
  2. Change ACCOUNT_SECURITY_API_KEY to the API Key from the above step
  3. Now, save the file as config/application.yml

If your file is saved as config/application.yml, the server will load it automatically as it starts up.

Enter an Application API Key

enter-an-application-api-key page anchor

Enter the API Key from the Authy console and optionally change the port.

ACCOUNT_SECURITY_API_KEY: YOUR APP_KEY

Next, create the tables:

bin/rails db:migrate

And then... actually, that's all the setup you'll need.

Now, launch the application with:

rails server

Assuming your API Key is correctly entered, you'll soon get a message that the app is up!

Use the Ruby on Rails Verify Phone Verification Demo

use-the-ruby-on-rails-verify-phone-verification-demo page anchor

Keeping your phone at your side, visit the Phone Verification page of the demo at http://localhost:3000/verification/(link takes you to an external page)

Enter a Country Code and Phone Number, then choose which channel to request verification over, 'SMS' or 'CALL' (Voice). Finally, hit the blue 'Request Verification' button and wait.

Phone Verification by SMS or Voice.

You won't be waiting long - you'll receive a phone call or SMS with the token. If you requested a phone call, as an additional security feature you may need to interact to proceed (enter a number on the phone keypad).

Send a Phone Verification via SMS or Voice

send-a-phone-verification-via-sms-or-voice page anchor

This function allows you to send the verification code over SMS or Voice depending on the 'via' variable.

1
require 'authy'

2


3
class Api::VerifyController < ApplicationController

4
  def start()

5
    phone_number = params[:phone_number]

6
    country_code = params[:country_code]

7
    via = params[:via]

8


9
    if !phone_number || !country_code || !via

10
      render json: { err: 'Missing fields' }, status: :internal_server_error and return

11
    end

12


13
    response = Authy::PhoneVerification.start(

14
      via: via,

15
      country_code: country_code,

16
      phone_number: phone_number

17
    )

18


19
    if ! response.ok?

20
      render json: { err: 'Error delivering code verification' }, status: :internal_server_error and return

21
    end

22


23
    render json: response, status: :ok

24
  end

25


26
  def verify()

27
    phone_number = params[:phone_number]

28
    country_code = params[:country_code]

29
    token = params[:token]

30


31
    if !phone_number || !country_code || !token

32
      render json: { err: 'Missing fields' }, status: :internal_server_error and return

33
    end

34


35
    response = Authy::PhoneVerification.check(

36
      verification_code: token,

37
      country_code: country_code,

38
      phone_number: phone_number

39
    )

40


41
    if ! response.ok?

42
      render json: { err: 'Verify Token Error' }, status: :internal_server_error and return

43
    end

44


45
    session[:authy] = true

46
    render json: response, status: :ok

47
  end

48
end

Either way you request the passcode, enter the token into the Verification entry form and click 'Verify Phone':

Phone Verification Entry Box.

Verify a Token

verify-a-token page anchor

This function verifies the token for a user delivered over the Voice or SMS channel.

1
require 'authy'

2


3
class Api::VerifyController < ApplicationController

4
  def start()

5
    phone_number = params[:phone_number]

6
    country_code = params[:country_code]

7
    via = params[:via]

8


9
    if !phone_number || !country_code || !via

10
      render json: { err: 'Missing fields' }, status: :internal_server_error and return

11
    end

12


13
    response = Authy::PhoneVerification.start(

14
      via: via,

15
      country_code: country_code,

16
      phone_number: phone_number

17
    )

18


19
    if ! response.ok?

20
      render json: { err: 'Error delivering code verification' }, status: :internal_server_error and return

21
    end

22


23
    render json: response, status: :ok

24
  end

25


26
  def verify()

27
    phone_number = params[:phone_number]

28
    country_code = params[:country_code]

29
    token = params[:token]

30


31
    if !phone_number || !country_code || !token

32
      render json: { err: 'Missing fields' }, status: :internal_server_error and return

33
    end

34


35
    response = Authy::PhoneVerification.check(

36
      verification_code: token,

37
      country_code: country_code,

38
      phone_number: phone_number

39
    )

40


41
    if ! response.ok?

42
      render json: { err: 'Verify Token Error' }, status: :internal_server_error and return

43
    end

44


45
    session[:authy] = true

46
    render json: response, status: :ok

47
  end

48
end

And with that, your demo app is protected with Twilio's Verify! You can now log out to try the other channel.

What's Next?

whats-next page anchor

Your demo app is now keeping fraudulent users from registering with your business and polluting the database. Next, check out all of the variables and options available to you in the Verify API Reference. For protecting your customers in an ongoing manner (with this same codebase) try the Ruby on Rails Authy Two-Factor Authentication Quickstart.

After that, take a stroll through the Docs for more Account Security demos and tutorials - as well as sample web applications using all of Twilio's products.

Need some help?

Terms of service
Privacy Policy

Copyright © 2024 Twilio Inc.