2FA (2-Factor Authentication) Flow

The 2FA Messaging API allows the API user to initiate the sending of 2FA (2-Factor-Authentication) messages to the recipient while specifying the desired template. The API user can then validate whether the recipient has entered the correct 2FA code.

We can use the following diagram to further explain the use case:

Where:

UserService is the User of the API who wants to authenticate the recipients via 2FA procedure
API is the 2FA API described on this page
Recipient is the user of the mobile application with a valid mobile telephone number

Flow:

The Recipient has installed the UserService and has started the 2FA verification procedure
The UserService has initiated a request towards the API in order to initiate the generation and delivery of the 2FA code to the Recipient
The API upon successful request responds with the request_id which is later used by UserService to verify whether the code has been successfully entered
The API delivers the 2FA code to the Recipient
The Recipient enters the code within the UserService mobile interface
The UserService executes a validate endpoint
In a situation where the Recipient has entered the valid 2FA code the API responds with 200 OK to the UserService
The UserService has successfully completed the Recipient 2FA validation flow

Now that you have learned about how to efficiently authenticate the recipients by using the 2FA flow, head over to the to next page learn more about the API's supporting this flow.

API's mentioned in this document

❗️
At all times the user of the API should have a consent from the recipient to send the 2FA code and initiate the 2FA process. In a case where recipient complaints have been received our team will start a review of the API usage which when misused can lead to account being restricted until issue has been rectified.