2FA (2-Factor Authentication) Flow
The 2FA Messaging API allows the API user to initiate the sending of 2FA (2-Factor-Authentication) messages to the recipient while specifying the desired template. The API user can then validate whether the recipient has entered the correct 2FA code.
We can use the following diagram to further explain the use case:
Where:
- UserService is the User of the API who wants to authenticate the recipients via 2FA procedure
- API is the 2FA API described on this page
- Recipient is the user of the mobile application with a valid mobile telephone number
Flow:
- The Recipient has installed the UserService and has started the 2FA verification procedure
- The UserService has initiated a request towards the API in order to initiate the generation and delivery of the 2FA code to the Recipient
- The API upon successful request responds with the
request_id
which is later used by UserService to verify whether the code has been successfully entered - The API delivers the 2FA code to the Recipient
- The Recipient enters the code within the UserService mobile interface
- The UserService executes a validate endpoint
- In a situation where the Recipient has entered the valid 2FA code the API responds with
200 OK
to the UserService - The UserService has successfully completed the Recipient 2FA validation flow
Now that you have learned about how to efficiently authenticate the recipients by using the 2FA flow, head over to the to next page learn more about the API's supporting this flow.
API's mentioned in this document
At all times the user of the API should have a consent from the recipient to send the 2FA code and initiate the 2FA process. In a case where recipient complaints have been received our team will start a review of the API usage which when misused can lead to account being restricted until issue has been rectified.