Authy API
Two-factor authentication, passwordless login, and secured authorizations, built for developers
Create a push authentication
Use a push notification to a mobile device to start a secure, yet user-friendly authentication. Can also be used for protecting in application transactions, like money transfers.
View Docs- Curl
- Node
- .NET (C#)
# $AUTHY_API_KEY is the Authy API Key # $AUTHY_API_FORMAT is either “xml” or “json” # $AUTHY_ID example: 123456 # $COUNTRY_CODE example: 1 # $OT_MESSAGE is the OneTouch message # $OT_DETAILS is a string of details # $OT_TTL is the time (in seconds) for verification to occur curl -X POST "http://api.authy.com/onetouch/$AUTHY_API_FORMAT/users/$AUTHY_ID/approval_requests” \ -H "X-Authy-API-Key: $AUTHY_API_KEY" \ -d message="$OT_MESSAGE" \ -d details="$OT_DETAILS" \ -d seconds_to_expire="$OT_TTL"# npm install authy-client # $AUTHY_ID example: 123456 const Client = require('authy-client').Client; const authy = new Client({key: AUTHY_API_KEY}); var request = { authyId: AUTHY_ID, details: { hidden: { "test": "This is a" }, visible: { "Location": "California, USA", "Room": "VR Room 1" } }, message: 'Requesting War Room Access' }; authy.createApprovalRequest( request, { ttl: 300 }, function (err, resp) { if (err) { console.log(err); } else { console.log(resp); } });public static async Task CreateApprovalRequestAsync() { // Create client var client = new HttpClient(); // Add authentication header client.DefaultRequestHeaders.Add("X-Authy-API-Key", AuthyAPIKey); var requestContent = new FormUrlEncodedContent(new[] { new KeyValuePairCheck push authentication status
Once you’ve requested a push authentication, you can either set a callback for the status change or poll the API with this example.
View Docs- Curl
- Node
- .NET (C#)
# $AUTHY_API_KEY is the Authy API Key # $AUTHY_API_FORMAT is either “xml” or “json” # $UUID is the string returned after creating a OneTouch request curl "http://api.authy.com/onetouch/$AUTHY_API_FORMAT/approval_requests/$UUID" \ -H "X-Authy-API-Key: $AUTHY_API_KEY"# npm install authy-client const Client = require('authy-client').Client; const authy = new Client({key: AUTHY_API_KEY}); authy.getApprovalRequest({ id: $UUID }, function (err, resp) { if (err) { console.log(err); } else { console.log(resp); } });public static async Task VerifyPhoneAsync() { // Create client var client = new HttpClient(); // Add authentication header client.DefaultRequestHeaders.Add("X-Authy-API-Key", AuthyAPIKey); // https://api.authy.com/protected/$AUTHY_API_FORMAT/phones/verification/check?phone_number=$USER_PHONE&country_code=$USER_COUNTRY&verification_code=$VERIFY_CODE HttpResponseMessage response = await client.GetAsync("https://api.authy.com/protected/json/phones/verification/check?phone_number=5558675309&country_code=1&verification_code=3043"); // Get the response content. HttpContent responseContent = response.Content; // Get the stream of the content. using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync())) { // Write the output. Console.WriteLine(await reader.ReadToEndAsync()); } }Request an OTP via SMS
The most globally available method of 2FA, usable by anyone with a mobile phone or landline, anywhere in the world.
View Docs- Curl
- Node
- .NET (C#)
# $AUTHY_API_KEY is the Authy API Key # $AUTHY_API_FORMAT is either “xml” or “json” # $AUTHY_ID example: 123456 curl "http://api.authy.com/protected/$AUTHY_API_FORMAT/sms/$AUTHY_ID?force=true" \ -H "X-Authy-API-Key: $AUTHY_API_KEY"# npm install authy-client const Client = require('authy-client').Client; const authy = new Client({key: AUTHY_API_KEY}); authy.requestSms({authyId: req.body.authyId}, {force: true}, function (err, resp) { if (err) throw err; console.log(resp); });public static async Task RequestAuthySMSAsync() { // Create client var client = new HttpClient(); // Add authentication header client.DefaultRequestHeaders.Add("X-Authy-API-Key", AuthyAPIKey); // http://api.authy.com/protected/$AUTHY_API_FORMAT/sms/$AUTHY_ID?force=true HttpResponseMessage response = await client.GetAsync( "http://api.authy.com/protected/json/sms/5661166?force=true"); // Get the response content. HttpContent responseContent = response.Content; // Get the stream of the content. using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync())) { // Write the output. Console.WriteLine(await reader.ReadToEndAsync()); } }Request an OTP via voice
The most globally available method of 2FA, usable by anyone with a mobile phone or landline, anywhere in the world.
View Docs- Curl
- Node
- .NET (C#)
# $AUTHY_API_KEY is the Authy API Key # $AUTHY_API_FORMAT is either “xml” or “json” # $AUTHY_ID example: 123456 curl -i "http://api.authy.com/protected/$AUTHY_API_FORMAT/call/$AUTHY_ID?force=true" \ -H "X-Authy-API-Key: $AUTHY_API_KEY"# npm install authy-client const Client = require('authy-client').Client; const authy = new Client({key: AUTHY_API_KEY}); client.requestCall({ authyId: 1635 }, function(err, res) { if (err) throw err; console.log('Call initiated’', res.cellphone); });public static async Task RequestAuthyVoiceAsync() { // Create client var client = new HttpClient(); // Add authentication header client.DefaultRequestHeaders.Add("X-Authy-API-Key", AuthyAPIKey); // http://api.authy.com/protected/$AUTHY_API_FORMAT/call/$AUTHY_ID?force=true HttpResponseMessage response = await client.GetAsync( "http://api.authy.com/protected/json/call/5661166?force=true"); // Get the response content. HttpContent responseContent = response.Content; // Get the stream of the content. using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync())) { // Write the output. Console.WriteLine(await reader.ReadToEndAsync()); } }Verify an OTP
The most globally available method of 2FA, usable by anyone with a mobile phone or landline, anywhere in the world.
View Docs- Curl
- Node
- .NET (C#)
# $AUTHY_API_KEY is the Authy API Key # $AUTHY_API_FORMAT is either “xml” or “json” # $AUTHY_ID example: 123456 # $ONECODE is the requested token curl -i "http://api.authy.com/protected/$AUTHY_API_FORMAT/verify/$ONECODE/$AUTHY_ID" \ -H "X-Authy-API-Key: $AUTHY_API_KEY"# npm install authy-client const Client = require('authy-client').Client; const authy = new Client({key: AUTHY_API_KEY}); client.verifyToken({ authyId: AUTHY_ID, token: ONECODE }, function(err, resp) { if (err) throw err; console.log('Token is valid: ‘, resp'); });public static async Task VerifyTokenAsync() { // Create client var client = new HttpClient(); // Add authentication header client.DefaultRequestHeaders.Add("X-Authy-API-Key", AuthyAPIKey); // http://api.authy.com/protected/$AUTHY_API_FORMAT/verify/$ONECODE/$AUTHY_ID HttpResponseMessage response = await client.GetAsync( "http://api.authy.com/protected/json/verify/3812001/5661166"); // Get the response content. HttpContent responseContent = response.Content; // Get the stream of the content. using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync())) { // Write the output. Console.WriteLine(await reader.ReadToEndAsync()); } }Verify a smartphone-generated TOTP
Complete a 2FA step without requiring your user to have an internet or cell connected device. Simply verify the token generated by the Authy app, regardless of whether or not your device has is connected.
View Docs- Curl
- Node
- .NET (C#)
# $AUTHY_API_KEY is the Authy API Key # $AUTHY_API_FORMAT is either “xml” or “json” # $AUTHY_ID example: 123456 # $ONECODE is the requested token curl -i "http://api.authy.com/protected/$AUTHY_API_FORMAT/verify/$ONECODE/$AUTHY_ID" \ -H "X-Authy-API-Key: $AUTHY_API_KEY"# npm install authy-client const Client = require('authy-client').Client; const authy = new Client({key: AUTHY_API_KEY}); client.verifyToken({ authyId: AUTHY_ID, token: ONECODE }, function(err, resp) { if (err) throw err; console.log('Token is valid: ‘, resp'); });public static async Task VerifyTokenAsync() { // Create client var client = new HttpClient(); // Add authentication header client.DefaultRequestHeaders.Add("X-Authy-API-Key", AuthyAPIKey); // http://api.authy.com/protected/$AUTHY_API_FORMAT/verify/$ONECODE/$AUTHY_ID HttpResponseMessage response = await client.GetAsync( "http://api.authy.com/protected/json/verify/3812001/5661166"); // Get the response content. HttpContent responseContent = response.Content; // Get the stream of the content. using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync())) { // Write the output. Console.WriteLine(await reader.ReadToEndAsync()); } }
The Twilio advantage
Communicate reliably
Experience a 99.95% uptime SLA made possible with automated failover and zero-maintenance windows.
Operate at scale
Extend the same app you write once to new markets with configurable features for localization and compliance.
Many channels
Use the same platform you know for voice, SMS, video, chat, two-factor authentication, and more.
No shenanigans
Get to market faster with pay-as-you-go pricing, free support, and the freedom to scale up or down without contracts.