0

I'm trying to send SMS OTP via MessageBird services with nodejs and flutter application.

I tried the configuration and calls that doing on this video (official from MessageBird) but I cannot understand what is going on with ID that I'm getting back and the token that I should post it to Messagebird's API.

Video link: https://www.youtube.com/watch?v=6wrThyJi7lo

Any one can help me ?

Thank you very much!

Petros Pollakis
  • 61
  • 1
  • 8

2 Answers2

3

You send the user’s input “token” along with the ID of the verify object to the MessageBird API to verify that customer own the phone number and received message with the code. Also make sure that it’s done within timeout, this value by default 30 seconds.

This tutorial also available in text here https://github.com/messagebirdguides/verify-guide#verifying-the-code

To change timeout add it to params

messagebird.verify.create(number, {"timeout": 120}...)
Iuliia Filatova
  • 31
  • 2
2

In short:

the ID is for the verification process, when you send the ID and the token together back to messagebird in step3 of the tutorial, messagebird will tell you if this token you just sent is the one that was sent to the user.

The flow works like this:

  1. your application gets a phone number from the user
  2. your application makes a verify request using messagebird sdk (where it calls messagebird.verify.create(number, {"template": "<message_template>"}...)
  3. Messagebird will replace %token from your <message_template> with a random token and send a message to the user's phone.
  4. if the verify.create request succeeds, messagebird will give you an ID for this verification process, you'll need that later to verify the token when the user submits it to you
  5. The user gives you a token and you pass it back along with the ID (from the previous step) to messagebird where you call messagebird.verify.verify(id, token, ...)
  6. Messagebird will respond back to your request with either success or error based on whether the token matches what was sent to the user or not.

more details: you need the ID and the token in order to be able to handle multiple users at the same time, think if u have two users verifying their phone number at the same time, one got token 1234 and the other got 5678 without an ID there's no way to tell them apart.

Mahmoud Fawzy
  • 66
  • 2
  • Thank you for your reply! is a little confused. Let's get from the start... when I'm sending to verify the number's phone and get back and ID then I should make a new request to send the ID and the Token.. but I don't have any token.. :/ What I missing ? – Petros Pollakis Mar 23 '21 at 14:01
  • Thank you very much, it works great now! :) – Petros Pollakis Mar 23 '21 at 15:55