To configure Voice Sender settings forservice, perform the following steps.
Specify the masked value that you want to display for the Voice OTP.
The Voice OTP of the users is masked when users authenticate with the Voice OTP method.
NOTE:For Advanced Authentication 6.3 Service Pack 3 and newer versions,field is not available. In Advanced Authentication 6.3 Service Pack 3 and newer versions, the Voice OTP of the users is masked by default.
NOTE:The default value is set and if you do not change thevalue, the default value is considered for masking of the Voice OTP.
Specify the following details in thepolicy:
and : In Twilio, the Account SID acts as a username, and the Authentication Token acts as a password.
: The phone number of the sender.
Public External URLs (Load Balancers) policy. You can use http protocol for testing purpose, but for production environment you must use https protocol. You must have a valid certificate when you use https.: The public URL to which the Twilio service connects for authentication. This URL points to the
You can test the configurations for the Voice sender policy in thesection.
Specify the phone number into which you want to send the Voice OTP.
Specify a message to be sent to the phone in.
Real messaging uses async sender. Ensure that you have configured a chain with themethod and assigned it to an event. Then sign-in to the Self-Service portal and test the Voice authenticator. If it does not work, see the logs.
IMPORTANT:The users may receive calls with the voice Application error. This happens because of incorrect settings or invalid certificates. Ensure that the certificate is valid and is not expired. Invalid certificates cannot be applied by Twilio.
The authentication flow for the Voice sender in Advanced Authentication is described in the following image.
A user wants to authenticate on an endpoint such as a laptop or a website with the Voice Call method. The following steps describe the authentication flow:
When the authentication request is initiated, the endpoint contacts the Advanced Authentication server.
The Advanced Authentication server validates the user’s credentials and gets a phone number of the user from a repository.
Advanced Authentication server sends the request to a configured voice call service provider (Twilio) to call the user.
The voice call service provider calls the user.
The user picks up the phone, listens to the call, and specifies the PIN followed by the hash (#) sign.
Voice call provider sends the specified PIN to the Advanced Authentication server.
Advanced Authentication server then validates the authentication. The authentication is done or denied.
HTTP/HTTPS protocol is used for the communication.
Advanced Authentication server - Voice Call Service Provider (HTTP/HTTPS, inbound/ outbound).