Start SMS OTP Verification
You can test these APIs on postman! Click here.
This ExoVerify API is used to start an SMS OTP verification. Please ensure the following pre-requisites are taken care of before using this API
Please refer to following Sequence Diagram to understand the API hits flow:
The following data points are required to start using this API:
Please use the following Headers in the API Request:
1. Authorization: Basic <credentials>
<credentials> is a Base64 encoded value of “Application_ID:Application_Secret” (ignore quotes).
2. Content-Type: application/json
https://exoverify.exotel.com/v2/accounts/{account_sid}/verifications/sms
Replace {account_sid} with your Account SID (Find it on the top left side of this page)
The following are the Body Parameters of the API Request
Parameter Name | Mandatory/Optional | Value / Description |
application_id | Mandatory | Indicates the Exoverify SMS App to be used for the verification request. |
phone_number | Mandatory | Indicates the phone number that needs to be verified. It must be in the E164 format. |
replace_vars | Optional | A list of variables that are to be used for replacing {#var#} placeholders in a DLT approved SMS Template that has variables apart from the OTP itself. For instance, if you have two occurrences of {#var#} in your template, and specify a list of two strings for the “replace_vars“ array parameter - the replacement of each {#var#} will be done with each item in the list using the order of the items in the list, from left to right. |
{ "application_id": "f5b1c365648e6f50fd1b29634a5e166e", "phone_number": "+916666666666" }
{ "application_id": "f5b1c365648e6f50fd1b29634a5e166e", "phone_number": "+916666666666", "replace_vars": ["John", "Doe"] }
{ "request_id":"881cf11407d54595a6902267d05eff4a", "method":"POST", "http_code":200, "response":{ "code":200, "error_data":null, "status":"success", "data":{ "verification_id":"463fac2fa3ece58c6551e296c1b9167c", "phone_number":"+918637XX2391", "application_id":"f5b1c365648e6f50fd1b29633a5e166e", "account_sid":"google", "max_attempts":10, "expiration_in_seconds":60, "url":"/v2/accounts/google/sms/verifications/463fac2fa3ece58c6551e296c1b9167c", "created_at":"2022-07-12T12:13:16Z", "updated_at":"2022-07-12T12:13:16Z" } } }
{ "request_id":"6d9de1b5576b446692ffd9d1c1620c8e", "method":"POST", "http_code":400, "response":{ "code":400, "error_data":{ "code":1002, "description":"ApplicationId in Body and Authorization Header should be same", "message":"Invalid parameter" }, "status":"failure", "data":null } }
The following are a sample list of the HTTP codes and corresponding error codes that can encountered in the event of a failure.
400 |
1001 |
Mandatory Parameter missing |
400 |
1002 |
Invalid parameter |
400 |
1005 |
Mandatory Body Parameters missing |
401 |
1010 |
Authentication failed |
403 |
1012 |
Forbidden Operation |
403 |
1015 |
Verification has been denied |
404 |
1000 |
Not Found |
429 |
1030 |
Throttle limit Breached for Sending Sms |
500 |
1110 |
Internal Server Error |
500 |
1123 |
Internal Server Error |
500 |
1120 |
Internal Server Error |