13.32 SMS sender

In this policy, you can configure the settings for the SMS OTP method. The SMS OTP method sends SMS messages with one-time passwords to the users. Advanced Authentication contains predefined settings for Twilio and MessageBird services.

Authentication flow

The authentication flow for the SMS sender in Advanced Authentication is described in the following image.

A user wants to authenticate on an endpoint such as a laptop or a website with the SMS method. The following steps describe the authentication flow:

  1. When the authentication request is initiated, the endpoint contacts the Advanced Authentication server.

  2. The Advanced Authentication server validates the user’s credentials and gets a phone number of the user from a Repository.

  3. Advanced Authentication server sends the request to a configured SMS Service Provider to send an SMS message with the content that includes a one-time password (OTP) for authentication.

  4. SMS Service Provider sends the SMS message to the user's phone.

  5. SMS Service Provider sends the 'sent' signal to the Advanced Authentication server.

  6. Advanced Authentication server sends a request to the user to specify an OTP on the endpoint.

  7. The user specifies the OTP from the SMS message. The Advanced Authentication server gets the OTP.

  8. Advanced Authentication server then validates the authentication. The authentication is done or denied.

HTTP/HTTPS protocol is used for the communication.

Access configuration

Advanced Authentication server - SMS Service Provider (HTTP/HTTPS, outbound).

The Sender Service consists of the following three options:

13.32.1 Generic

You can configure one of the following generic SMS sender manually:

Clickatell

To configure Clickatell as the SMS sender perform the following steps:

  1. Select Generic in Sender service.

  2. Specify a Service URL value.

    For example, https://platform.clickatell.com/messages/http/send?apiKey=szkSkap_SqumXVb4vUfU0Q==&to=359884194544&content=Test message text\

  3. Specify HTTP Basic Authentication Username and HTTP Basic Authentication Password obtained from Clickatell.

  4. Select POST from HTTP request method.

  5. Select the required content type in HTTP request content type to send the HTTP request to the service provider. The supported options are:

    • URL encoded

    • JSON

  6. If you want to send the HTTP request in the URL encoded type, perform the following steps:

    1. Select URL Encoded in the HTTP request content type.

    2. Click Add and create the following parameters in HTTP request body.

      • Parameter name: user

        Parameter value: name of your account

      • Parameter name: to

        Parameter value: {phone}

      • Parameter name: text

        Parameter value: {message}

      • Parameter name: apiKey, this is a parameter that is issued after addition of an HTTP sub-product to your Clickatell account. A single account may have multiple API IDs associated with it.

      • Parameter name: from

        Parameter value: sender’s phone number

    3. Click Add secure and create the following parameter in HTTP request body.

      Name: Specify a term to identify the parameter. For example, password

      Value: current password that is set on the Clickatell account

      For more information about the additional parameters for Clickatell, see the Clickatell documentation.

    NOTE:The parameters may differ for different SMS service providers. But the {phone} and {message} variables are mandatory.

  7. If you want to send the HTTP request in the JSON type, perform the following steps:

    1. Select URL Encoded in the HTTP request content type.

    2. Enter the HTTP request in the JSON template.

      For example, {"to":"{{phone}}"'"message":"{{message}}"}

      where,

      • {{phone}}: Recipients phone number

      • {{message}}: Message body

    NOTE:The parameters may differ for different SMS service providers. But the {phone} and {message} variables are mandatory.

    For more information about the additional parameters for Clickatell, see the Clickatell documentation.

SignalWire

Before you configure SignalWire as the SMS sender, ensure that you meet the following prerequisites:

  • In SignalWire, create a project, choose a sub-domain (part of the sign-up process), and obtain the Direct Inward Dialing (DID) number.

  • Create an API token, obtain the Project Key and Token to configure in the SMS sender policy of the Advanced Authentication Administration portal.

To configure SignalWire as the SMS sender perform the following steps:

  1. Select Generic from Sender service.

  2. Specify a Service URL value.

    For example, https://{yourdomain}.signalwire.com/api/laml/2010-04-01/Accounts/{project key}/Messages.json

  3. Specify the Project Key (obtained from SignalWire) in HTTP Basic Authentication Username.

  4. Specify the Token (obtained from SignalWire) in HTTP Basic Authentication Password.

  5. Select POST from HTTP request method.

  6. Select the required content type in HTTP request content type to send the HTTP request to the service provider. The supported options are:

    • URL encoded

    • JSON

  7. If you want to send the HTTP request in the URL encoded type, perform the following steps:

    1. Select URL Encoded in the HTTP request content type.

    2. Click Add and create the following parameters in HTTP request body.

      • Parameter Name: to

        Parameter Value: {phone}

      • Parameter Name: from

        Parameter Value: DID number of your SignalWire project.

      • Parameter Name: body

        Parameter Value: {message}

  8. If you want to send the HTTP request in the JSON type, perform the following steps:

    1. Select URL Encoded in the HTTP request content type.

    2. Enter the HTTP request in the JSON template.

      For example, {"to":"{{phone}}"'"message":"{{message}}"}

      where,

      • {{phone}}: Recipients phone number

      • {{message}}: Message body

NOTE:

  • The parameters may differ for different SMS service providers. But the {phone} and {message} variables are mandatory.

  • Ensure that the from phone number is in E.164 format. Number in this format starts with a plus (+) symbol and the country code.

    For example, if India based phone number is (91) 123-4567 then the E.164 formatted number is +911234567.

For more information, see SignalWire API reference.

LOX

To configure LOX as the SMS sender perform the following steps:

  1. Select Generic from Sender service.

  2. Specify a Service URL value.

    For example, https://www.lox24.eu/API/httpsms.php?konto=1&password=APIV1Key&service=5\

  3. Specify the Project Key (obtained from LOX) in HTTP Basic Authentication.

  4. Specify the Token (obtained from LOX) in HTTP Basic Authentication.

  5. GET from HTTP request method.

  6. Select the required content type in HTTP request content type to send the HTTP request to the service provider. The supported options are:

    • URL encoded

    • JSON

  7. If you want to send the HTTP request in the URL encoded type, perform the following steps:

    1. Select URL Encoded in the HTTP request content type.

    2. Click Add and create the following parameters in HTTP request body.

      • Parameter name: user

        Parameter value: name of your account

      • Parameter name: to

        Parameter value: {phone}

      • Parameter name: text

        Parameter value: {message}

      • Parameter name: from

        Parameter value: sender’s phone number

    3. Click Save icon after entering Parameter name and Parameter value each time.

    4. Click Add secure and create the following parameters in HTTP request body.

      • Name: password

        Value: current password that is set on the account.

  8. If you want to send the HTTP request in the JSON type, perform the following steps:

    1. Select URL Encoded in the HTTP request content type.

    2. Enter the HTTP request in the JSON template.

      For example, {"to":"{{phone}}"'"message":"{{message}}"}

      where,

      • {{phone}}: Recipients phone number

      • {{message}}: Message body

NOTE:The parameters may differ for different SMS service providers. But the {phone} and {message} variables are mandatory.

For more information about the additional parameters for LOX, see the LOX documentation.

13.32.2 Twilio

To configure SMS sender settings for Twilio service, perform the following steps:

  1. Select Twilio in Sender service.

  2. Specify the following details:

    • Account sid and Authentication token: In Twilio, the Account SID acts as a username and the Authentication Token acts as a password.

      NOTE:After you save the configuration, Authentication token is not displayed even in the masked form.

      NOTE:If the Authentication token is not visible then the configuration has been saved. Specify the Authentication token again before sending a test message as the Test button reads the message from the UI. The real messaging service reads the message from the Advanced Authentication database.

    • Use Copilot: The copilot option is used to send SMS from a Twilio’s phone number of your location. This is helpful when SMS messages have to be sent across the geographical locations. For example, with copilot, SMS will be sent from Indian phone number to the Indian users. Without copilot, SMS will be sent from US phone number to the Indian users.

      For more information on Copilot option and its features, see https://www.twilio.com/copilot#phone-number-intelligence and https://www.twilio.com/docs/api/rest/sending-messages-copilot#features.

      • Messaging Service SID: Service SID.

      NOTE:When the Use Twilio Verify (Early Access) option is set to ON, the Use Copilot option is hidden.

    • Use Twilio Verify (Early Access): This option enables you to utilize the Twilio Verify service for user verification. Twilio Verify is a turnkey API service that sends an OTP to users through multiple channels such as SMS, email, and WhatsApp to enhance user account security and prevent fraud. It also helps in compliance by avoiding carrier and government registration requirements and optimizes messages routing using premium telephony routes to prioritize deliverability and speed.

      For more information on Twilio Verify and its features, see Twilio Verify

      • Messaging Service SID: Specify the unique identifier assigned by Twilio to a Messaging Service that you created within your Twilio account. Instead of using a specific phone number, the Messaging Service SID points to a collection of settings, rules, and phone numbers that are part of that service. The SID enables Twilio to route messages according to your service configurations, such as sender IDs and message delivery preferences.

      • Default Country Code: This is the default country code Twilio uses when processing a phone number that does not include a country code. If you provide a local phone number (i.e., without the country code), Twilio will automatically prepend the default country code.

        For example, if you set the default country code to +1 (the U.S. country code) and the user’s number in the repository is 555-4444, then Twilio will interpret the number as +1555-4444.

      IMPORTANT:This option is only available as a technical preview for testing and providing feedback. The technical preview features are not fully supported and may change significantly based on your feedback and ongoing development. We recommend that you try these features and provide your feedback to aafeedback@opentext.com.

      It is recommended to deploy or configure the technical preview features only in the staging environment.

    • Sender phone: This is the from phone number received from Twilio. Specify the Twilio phone number that you own and prefix the country code and backslash (\).

      For example, 91\9191919191

      NOTE:When the Use Twilio Verify (Early Access) option is set to ON, the Sender phone option is hidden.

  3. (Optional) To configure the Subaccounts, perform the following:

    NOTE:Twilio account supports multiple subaccounts that helps to segregate the usage based on geographic location, phone numbers, customers, or any other category. Subaccounts are associated with main Twilio account and share the balance. However, each subaccount has unique Account SID and Auth Token to determine the usage.

    For more information, see Twilio Subaccounts.

    1. Click Add.

    2. Specify the following details:

      • Country Dialing Code Filter: This code helps to determine which subaccount needs to used to send an SMS OTP message to a user.

        For example, the administrator can configure a subaccount that delivers SMS OTP messages to all users in India using the code +91 as the Country Dialing Code Filter. So that Advanced Authentication server automatically uses a specify subaccount to send all messages to users requesting from India.

      • Subaccount SID: 34 digits unique String Identifier (SID) of the subaccount to recognize the resource.

      • Subaccount Auth Token: Authentication Token to verify the user’s identity and indicates the level of access.

      • Sender Phone: From phone number that is displayed on recipients phone.

    3. Click Save icon .

13.32.3 MessageBird

To configure SMS sender settings for MessageBird service, perform the following steps:

  1. Select MessageBird in Sender service.

  2. Specify the Username, Password, and Sender name.

For more information, see the MessageBird website.

You can test the configurations for the SMS sender policy in the Test section.

  1. Specify the phone number in Phone to which you want to send the SMS OTP.

  2. Specify a message to be sent to the phone in Message.

  3. Click Send test message!.

  4. Click Save.

    Real messaging uses async sender. Ensure that you have configured a chain with the SMS method and assigned it to an event. Then sign-in to the Self-Service portal and test the SMS authenticator. If it does not work, see the async logs.