Send an SMS verification code in 5 minutes
Time to read: 3 minutes
June 22, 2023
Written by
Reviewed by
One-Time Passcodes (OTPs) are a simple and effective way to verify someone's phone number at sign up for ongoing login verification, preventing bots, ensuring deliverability to the right person, and more.
Phone number verification can decrease fraud and increase deliverability and trust. Luckily the Twilio Verify API makes it easy to send and check OTPs. Let's see how to get started with Verify in under 5 minutes.
What is the purpose of an SMS verification code?
SMS one-time passcodes (OTPs), also known as verification codes, are a tool for protecting user accounts and ensuring users have access to a phone number associated with their account. They may be used for authentication during login or before other sensitive actions like account changes. SMS verification codes may also be used when a phone number is first added to an account for other purposes like ongoing notifications like appointment reminders.
Prerequisites for sending One-Time Passcodes
Before you can send an OTP you'll need:
- A Twilio account - sign up or sign in
- A Verify Service which you can create in the Twilio console. The Service Name will appear in the SMS body but you can always edit it later.
Copy your Service SID (starts with VA).
Send the SMS OTP
Copy the following code for the Verifications endpoint and replace the placeholders with:
- Your Verify Service SID created above
- Your phone number for testing
- Your Twilio Account SID and Auth Token (located on the main page of the Console)
# code samples in more languages: twilio.com/docs/verify/api/verification
curl -X POST "https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/Verifications" \
--data-urlencode "To=$YOUR_PHONE_NUMBER" \
--data-urlencode "Channel=sms" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN
Execute the request and you will receive an SMS OTP.
Check the SMS OTP
Verify makes it easy to both send and check the OTP. Copy the following code for the VerificationCheck endpoint and replace the placeholders with:
- Your Verify Service SID created above
- The phone number you used in the last step
- The code you received
- Your Twilio Account SID and Auth Token (located on the main page of the Console)
# code samples in more languages: twilio.com/docs/verify/api/verification-check
curl -X POST "https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/VerificationCheck" \
--data-urlencode "To=$YOUR_PHONE_NUMBER" \
--data-urlencode "Code=1234567" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN
Execute the request; you should see status: "approved" with the correct OTP. The status will remain "pending" if you provide an incorrect OTP.
It's really that easy!
[Optional] Quick Deploy a Twilio Verify application
Make sure you're logged in to Twilio and head over to Twilio's Code Exchange for the One-Time Passcode verification project and paste in your Verify Service SID:
Next, click "Deploy my application". After a few seconds you should see a button to launch the live application: click that to go to your new Verify application.
Enter your phone number and hit Verify to test it out -- now you have a sample application to share and play around with!
How to use Verify OTPs in your application
You might have noticed that this doesn't actually protect anything, but if you're like me, you love having code to copy and modify. These examples give you the following building blocks:
- International telephone input (more details in this post)
- Sending an OTP
- Checking an OTP
- SMS Phone Verification on Code Exchange
You could use this as the basis to send and check verifications in your own application. The email channel requires a smidge more setup but all of the instructions are outlined in the documentation.
Learn more about getting started with Verify with the following resources:
- How Verify Fraud Guard protects you from SMS pumping
- How to test the Verify API without getting rate limited
- How to Verify a User via SMS with Express and Twilio Verify
- Migrating from Programmable Messaging to Verify
- Verify API reference documentation
- Verify SMS Overview
I can't wait to see what you build and secure!
Related Resources
Twilio Docs
From APIs to SDKs to sample apps
API reference documentation, SDKs, helper libraries, quickstarts, and tutorials for your language and platform.
Resource Center
The latest ebooks, industry reports, and webinars
Learn from customer engagement experts to improve your own communication.
Ahoy
Twilio's developer community hub
Best practices, code samples, and inspiration to build communications and digital engagement experiences.