×

    • Start SMS OTP Verification Beta

    This ExoVerify API is used to start an SMS OTP verification. Please ensure the following pre-requisites are taken care of before using this API

     

    Please refer to following Sequence Diagram to understand the API hits flow:

    The following data points are required to start using this API:

    • App ID (generated after creating an SMS OTP app on ExoVerify)
    • App Secret (generated after creating an SMS OTP app on ExoVerify)
    • Account Sid (Can be seen on the top left side of this page)
    POST

    https://exoverify.exotel.com/v2/accounts/{account_sid}/verifications/sms

    • Replace {account_sid} with your Account SID (Find it on the top left side of this page)

    The following are the Body Parameters of the API Request

    Parameter Name Mandatory/Optional Value / Description
    application_id Mandatory Indicates the Exoverify SMS App to be used for the verification request.
    phone_number Mandatory Indicates the phone number that needs to be verified. It must be in the E164 format.
    replace_vars Optional A list of variables that are to be used for replacing {#var#} placeholders in a  DLT approved SMS Template that has variables apart from the OTP itself. For instance, if you have two occurrences of {#var#} in your template, and specify a list of two strings for the “replace_vars“ array parameter - the replacement of each {#var#} will be done with each item in the list using the order of the items in the list, from left to right. 
    • Example Request
    {
"application_id": "f5b1c365648e6f50fd1b29634a5e166e",
"phone_number": "+916666666666"
}
    • Example Request (Multi-Variable SMS Template)
    {
"application_id": "f5b1c365648e6f50fd1b29634a5e166e",
"phone_number": "+916666666666",
"replace_vars": ["John", "Doe"]
}
    • Example Response on Success
    {
  "request_id":"881cf11407d54595a6902267d05eff4a",
  "method":"POST",
  "http_code":200,
  "response":{
    "code":200,
    "error_data":null,
    "status":"success",
    "data":{
      "verification_id":"463fac2fa3ece58c6551e296c1b9167c",
      "phone_number":"+918637XX2391",
      "application_id":"f5b1c365648e6f50fd1b29633a5e166e",
      "account_sid":"google",
      "max_attempts":10,
      "expiration_in_seconds":60,
      "url":"/v2/accounts/google/sms/verifications/463fac2fa3ece58c6551e296c1b9167c",
      "created_at":"2022-07-12T12:13:16Z",
      "updated_at":"2022-07-12T12:13:16Z"
    }
  }
}
    • Example Response on Failure
    {
  "request_id":"6d9de1b5576b446692ffd9d1c1620c8e",
  "method":"POST",
  "http_code":400,
  "response":{
    "code":400,
    "error_data":{
      "code":1002,
      "description":"ApplicationId in Body and Authorization Header should be same",
      "message":"Invalid parameter"
    },
    "status":"failure",
    "data":null
  }
}

    The following are a sample list of the HTTP codes and corresponding error codes that can encountered in the event of a failure. 

    HTTP Code 

    Error Code

    Description

    400

    1001

    Mandatory Parameter missing

    400

    1002

    Invalid parameter

    400

    1005

    Mandatory Body Parameters missing

    401

    1010

    Authentication failed

    403

    1012

    Forbidden Operation

    403

    1015

    Verification has been denied

    404

    1000

    Not Found

    429

    1030

    Throttle limit Breached for Sending Sms

    500

    1110

    Internal Server Error

    500

    1123

    Internal Server Error

    500

    1120

    Internal Server Error

    Verify OTP API Beta

    This ExoVerify API is used to verify if the OTP entered by the user is correct or not

    POST

    https://exoverify.exotel.com/v2/accounts/{account_sid}/verifications/sms/{verification_id}

    • Replace {account_sid} with your Account SID (Find it on the top left side of this page)
    Replace {verification_id} with the Verification ID as received in the response of the Start Verification API request

    The following are the Body Parameters of the API Request

    Parameter Name Mandatory/Optional Value / Description
    OTP Mandatory The user entered OTP that is to be verified
    • Example Request
    {
"OTP": "576389"
}
    • Example Response on Success
    {
  "request_id":"48f97c0f1cca46b09fb0e4255ef8a4eb",
  "method":"POST",
  "http_code":200,
  "response":{
    "code":200,
    "error_data":null,
    "status":"success",
    "data":{
      "verification_id":"12c705bc55de82cc96f9d543cf77167c",
      "application_id":"f5b1c365648e6f50fd1b29633a5e166e",
      "account_sid":"Zomato5",
      "status":"success",
      "created_at":"2022-07-12T12:15:55+05:30",
      "updated_at":"2022-07-12T12:15:55+05:30"
    }
  }
}
    • Example Response on Failure
    {
  "request_id":"34f1bed8b4f246049e894d44d588d911",
  "method":"POST",
  "http_code":403,
  "response":{
    "code":403,
    "error_data":{
      "code":1003,
      "description":"VerificationId already verified.",
      "message":"Authentication failed"
    },
    "status":"failure",
    "data":null
  }
}

    The following are a sample list of the HTTP codes and corresponding error codes that can encountered in the event of a failure. 

    Http Code

    Error Code 

    Description

    400

    1210

    OTP has expired

    400

    1211

    Invalid OTP Entered

    400

    1210

    Mandatory Body Parameters missing

    401

    1010

    Authentication failed

    403

    1017

    VerificationId already verified

    403

    1012

    Forbidden Operation

    403

    1016

    Maximum allowed verification attempts has been made

    404

    1000

    Not Found

    500

    1110

    Internal Server Error

    500

    1120

    Internal server error