Verify API

Let good users in. Keep bad actors out with Verify API.

A fully managed turnkey API that verifies users over multiple channels at scale — handling 4.8B+ verifications each year.

Start for free View pricing

Prices starting at $0.05 per successful verification No credit card required

Illustration showing how a business can use Verify to authenticate a user’s identity as an account security measure.

How the Verify API works

An illustration showing different user verification methods including Voice, SMS, WhatsApp, Email and more using Twilio.

Verify is a turnkey API for user verification. Add two-factor authentication across channels like SMS, email, WhatsApp, and TOTP or implement frictionless verification with Silent Network Authentication (SNA).

Quickly integrate a one-time password authentication (OTP) solution that handles your connectivity, channels, code generation, fraud monitoring, and prevention.

Explore docs

Forrester Consulting ROI calculator

A commissioned study by Forrester Consulting found Twilio Verify provided 174% ROI. Try our new calculator to estimate what your business can achieve with Verify.

Access the calculator

Report on cost savings and benefits of Twilio Verify showing 174% ROI.

Build verification steps that feel like a feature, not a frustration

Trusted user verification with a downright delightful user experience.

Signup verification

Prevent fake account creation and create a secure signup experience for new users with one-time passwords that can be delivered across channels.

Intuit set up one-time password (OTP) SMS messages to authenticate new customers across the globe while eliminating any friction along the way.

94%

deliverability across the globe

200+

countries deployed in 3 months

Read Intuit's story

Login protection

Protect users from account takeovers by sending verification codes upon login as a method of two-factor authentication (2FA).

Stripe keeps millions of users secure by asking them to verify their identities quickly and easily over phone calls or SMS with Verify.

~70%

of user verifications handled by Twilio Verify

point improvement in login success rates in the US

Read Stripe's story

Two people using smartphones, focusing on the Stripe app, blurred store background.

Secure transactions

Validate users in real-time so you can confidently authorize high-value online transactions and protect customers against fraud.

Bitso implemented Verify to improve global delivery for verification OTPs. They depend on reliable user verification messages to keep customers’ financial accounts and transactions secure.

99%

of users successfully verified

82%

of users completed password resets

Read Bitso's story

Woman in blue blazer smiling at her smartphone on a sunny day.

Verify API features

Global user verification is hard—Verify makes it easy.

Woman with glasses and a nose ring smiling at an event, with people in the background.

100% Protection from SMS pumping fraud with Fraud Guard

Fraud Guard has already saved customers over $82 million by blocking 747 million fraud attempts¹. With first-to-market innovation, Fraud Guard offers 100% protection against SMS pumping fraud.

Learn more about Fraud Guard

Phone number management

Verify procures and manages short codes, long codes, toll free, and global alpha-sender IDs to accelerate global expansion.
Carrier-approved templates

Improve delivery rates with carrier-approved messages templates that automatically translate across 42 languages.
Actionable insight

Dashboards provide conversion and success rates per region and channel, as well as SMS fraud trends to optimize against fraud.
Silent Network Authentication

Secure authentication to protect end users, accounts, and transactions without requiring users to wait or leave your app.
PII-less, HIPAA-certified, SOC 2 Type 2

Develop compliant healthcare and financial service applications that do not require users to provide personally identifiable information (PII).

Push authentication

Embed push functionality in your apps easily.
Route optimization

Verify uses premium telephony routes on Twilio's Super Network to prioritize deliverability and speed.
Rate limiting

Verify's built-in platform protection for service rate limits give you turnkey protections with flexibility.
Multiple delivery channels

OTP delivery via SMS, WhatsApp, voice, and email, all managed through a single API.
Global reach

Verify manages the complexity of changing carrier and government regulations in 200+ regions and countries.

Less code, more security

Integrate Verify into your app in as little as one sprint with its developer-first APIs and client libraries for a quick and confident deployment.

Start for free

      

			# Download the helper library from https://www.twilio.com/docs/ruby/install
require 'rubygems'
require 'twilio-ruby'

# Find your Account SID and Auth Token at twilio.com/console
# and set the environment variables. See http://twil.io/secure
account_sid = ENV['TWILIO_ACCOUNT_SID']
auth_token = ENV['TWILIO_AUTH_TOKEN']
@client = Twilio::REST::Client.new(account_sid, auth_token)

verification = @client.verify
                      .v2
                      .services('VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX')
                      .verifications
                      .create(to: '+15017122661', channel: 'sms')

puts verification.sid
		


      

			# Download the helper library from https://www.twilio.com/docs/python/install
import os
from twilio.rest import Client


# Find your Account SID and Auth Token at twilio.com/console
# and set the environment variables. See http://twil.io/secure
account_sid = os.environ['TWILIO_ACCOUNT_SID']
auth_token = os.environ['TWILIO_AUTH_TOKEN']
client = Client(account_sid, auth_token)

verification = client.verify \
                     .v2 \
                     .services('VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX') \
                     .verifications \
                     .create(to='+15017122661', channel='sms')

print(verification.sid)
		


      

			<?php

// Update the path below to your autoload.php,
// see https://getcomposer.org/doc/01-basic-usage.md
require_once '/path/to/vendor/autoload.php';

use Twilio\Rest\Client;

// Find your Account SID and Auth Token at twilio.com/console
// and set the environment variables. See http://twil.io/secure
$sid = getenv("TWILIO_ACCOUNT_SID");
$token = getenv("TWILIO_AUTH_TOKEN");
$twilio = new Client($sid, $token);

$verification = $twilio->verify->v2->services("VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX")
                                   ->verifications
                                   ->create("+15017122661", "sms");

print($verification->sid);
		


      

			// Download the helper library from https://www.twilio.com/docs/node/install
// Find your Account SID and Auth Token at twilio.com/console
// and set the environment variables. See http://twil.io/secure
const accountSid = process.env.TWILIO_ACCOUNT_SID;
const authToken = process.env.TWILIO_AUTH_TOKEN;
const client = require('twilio')(accountSid, authToken);

client.verify.v2.services('VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX')
                .verifications
                .create({to: '+15017122661', channel: 'sms'})
                .then(verification => console.log(verification.sid));
		


      

			// Install the Java helper library from twilio.com/docs/java/install

import com.twilio.Twilio;
import com.twilio.rest.verify.v2.service.Verification;

public class Example {
    // Find your Account SID and Auth Token at twilio.com/console
    // and set the environment variables. See http://twil.io/secure
    public static final String ACCOUNT_SID = System.getenv("TWILIO_ACCOUNT_SID");
    public static final String AUTH_TOKEN = System.getenv("TWILIO_AUTH_TOKEN");

    public static void main(String[] args) {
        Twilio.init(ACCOUNT_SID, AUTH_TOKEN);
        Verification verification = Verification.creator(
                "VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
                "+15017122661",
                "sms")
            .create();

        System.out.println(verification.getSid());
    }
		


      

			curl -X POST "https://verify.twilio.com/v2/Services/VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Verifications" \
--data-urlencode "To=+15017122661" \
--data-urlencode "Channel=sms" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN
		


      

			// Install the C# / .NET helper library from twilio.com/docs/csharp/install

using System;
using Twilio;
using Twilio.Rest.Verify.V2.Service;


class Program
{
    static void Main(string[] args)
    {
        // Find your Account SID and Auth Token at twilio.com/console
        // and set the environment variables. See http://twil.io/secure
        string accountSid = Environment.GetEnvironmentVariable("TWILIO_ACCOUNT_SID");
        string authToken = Environment.GetEnvironmentVariable("TWILIO_AUTH_TOKEN");

        TwilioClient.Init(accountSid, authToken);

        var verification = VerificationResource.Create(
            to: "+15017122661",
            channel: "sms",
            pathServiceSid: "VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
        );

        Console.WriteLine(verification.Sid);
    }
}
		

Need help setting up Verify?

Bring your ideal solution to life with technology partners and top-tier consulting partners like Deloitte Digital, Perficient, and more. View partners

Verify and Lookup save time and money. Sweat and tears too.

Get a comprehensive solution to cut costs, increase OTP conversions, and reduce fraud risk.

$82M

saved by Verify Fraud Guard¹

5.1B

validations per year²

40%

increase in conversion rates with SNA and Push³

68%+

global conversion rate with Verify²

Explore Lookup

Build first, buy later. Start your free trial today.

There’s no credit card required to sign up. And when you're ready to scale, you only pay for successful verifications. Simple, fair, and completely transparent.

Start for free View pricing

Man with curly hair in a yellow plaid shirt smiling next to a brick wall

FAQs

Twilio Verify API is a fully managed authentication service that lets you add multichannel verification methods (like one-time passcodes, Passkeys, or Silent Network Authentication) to your app or website without building your own infrastructure. You can choose identity possession methods such as phone number possession, device possession, and email possession. Check out the Verify docs to learn more.

The Twilio Authy app is a two-factor authentication (2FA) app that generates secure tokens to protect your accounts from unauthorized access. It's a free mobile app that adds an extra layer of security beyond passwords, requiring a code generated on your device to log in to various online accounts.

First, you need a Twilio account. If you don’t have one yet, you can sign up for a free trial. If you already have one, you can move on to creating a Verify Service in the Twilio Console. Follow the setup instructions to enable the SMS channel within Verify.

Then, call the Create Verification endpoint with your Service SID, the user’s phone number, and the verification method (SMS, phone call, WhatsApp). Twilio will then send an SMS with a six-digit code to your user.

You can find step-by-step instructions in our Verify quickstart, dive into the Verify API reference, or use our tutorial to set up 2FA and OTP in five minutes.

Verify supports multiple channels, including:

SMS
Passkeys
Silent Network Auth
Voice
WhatsApp
Email
TOTP (authenticator apps like Authy and Google Authenticator)
Push and Silent Device Approval

To choose the most appropriate Twilio Verify channel or authentication method, evaluate your business context, the user experience, customer demographics, regional norms, security needs, and technical feasibility.

There are a couple of ways you add fallback logic for verification methods:

You have full control of the channel you want to use for every attempt in a verification.You can implement redundancy by calling the same Create Verification endpoint again with a different channel parameter if the first delivery fails or times out. For example, send via SMS first, then resend with channel=voice if needed. Our quickstarts walk you through this step-by-step in code.
Automatic fallback from RCS-to-SMS and WhatsApp-to-SMS is in pilot on Verify. To access the pilots, contact our support team.

Learn more about Verify fallback scenarios in our docs.

Yes. Twilio Verify is covered by our global compliance framework. This includes GDPR, SOC 2 Type II, and ISO 27001. All data is encrypted in transit and at rest.

For full details on our overall platform compliance, visit our Security documentation.

Verify has a rate limit of five verification attempts to the same entity within 10 minutes. If you send more than this, you’ll get an error message that you’ve reached the limit for maximum attempts. These limits are in place to prevent fraud and abuse.

You can set your own limits too. Our docs explain how to protect your Verify application with service rate limits, and we also outline rate limits and timeout considerations for your app.

You are charged $0.05 per successful verification (volume discounts are available), plus standard channel fees. A successful verification for an OTP based authentication channel is one where the user inputs the correct OTP and it is confirmed on the Verify API. If you create your own custom code, all attempts will be billed, because Verify cannot independently confirm user input.

Channel fees vary per channel:

SMS: Message attempts are always charged and not subject to delivery ($0.05 per successful verification + $0.0083 per SMS (US prices*)).
Voice: Voice attempts are always charged and not subject to delivery ($0.05 per successful verification).
Email: $0.05 per successful verification.
WhatsApp: Only billed when delivery is confirmed ($0.05 per successful verification + $0.0147 per authentication template message (US prices*)).
Passkeys: Pilot program.
Silent Network Auth: $0.05 per successful verification plus per-country channel fee. You will not be billed if we are unable to complete the SNA flow with the carrier.
TOTP (authenticator apps like Authy and Google Authenticator): TOTP channel fee is included in the verification fee. It’s charged when a request is approved.
Push and Silent Device Approval: Push channel fee is included in the verification fee. It’s charged when a request is approved or denied.

*You can find more detailed rates, international pricing, and links to channel-specific rates on the Verify pricing page.

Yes. You can unlock volume discounts and committed-use plans by contacting Twilio sales.

There are no monthly minimums for pay-as-you-go Verify usage. Review Verify pricing for more details.

You can set up Usage Triggers in your Twilio account to notify you when you reach a threshold you’ve set for a number of verifications or spending. When you reach a threshold, Twilio will send a webhook notification to a URL you provide. See our Usage Triggers page in the Twilio Console for more information.

Rate limits are also a way to limit the amount of OTPs generated, see our documentation on protecting your Verify application with service rate limits.

After a user submits their one-time passcode, you call the Verification Check endpoint with your Service SID, the user’s phone number, and the code. Twilio will return a success or failure response.

To get real-time updates on verification events, use the Verify Events API. Follow the onboarding instructions.

Twilio Verify supports many use cases, including:

Account sign-up, new user onboarding
Repeat login
Step-up authentication
Account recovery
Transaction verification
Profile or account changes
High-risk support flows
Promotional abuse
Consent or opt-in confirmation

The globally supported authentication methods for Verify include:

OTP delivered over SMS
OTP delivered over WhatsApp
OTP delivered over voice
OTP delivered over email
Silent Device Approval
Push
Time-based one-time passcodes (TOTP)

The authentication methods with limitations are:

OTP delivered over RCS (coverage limitations)
Silent Network Auth (coverage limitations)

¹ From June '22 up to May ‘25

² Twilio 2024 internal data, based on those customers who provide conversion data

³ Curve results with Twilio

Let good users in. Keep bad actors out with Verify API.

How the Verify API works

Forrester Consulting ROI calculator

Build verification steps that feel like a feature, not a frustration

Signup verification

Login protection

Secure transactions

Verify API features

100% Protection from SMS pumping fraud with Fraud Guard

Less code, more security

Need help setting up Verify?

Verify and Lookup save time and money. Sweat and tears too.

Build first, buy later. Start your free trial today.

FAQs

What is Twilio Verify API and how is it different from the Authy app?

How do I send a one-time passcode (OTP) via SMS with the Verify API?

Which channels does Verify support and how do I choose?

How do I add fallback logic (e.g. SMS to voice) if delivery fails?

Is Twilio Verify GDPR, SOC 2, or ISO 27001 compliant?

What rate limits apply?

How am I billed for each verification attempt (successful vs. failed)?

Are there volume discounts, committed-use plans or monthly minimums?

How do I set spend caps or receive alerts when I hit a budget threshold?

How do I validate a user’s code and configure webhooks (status callbacks)?

Which core use cases does Verify support?

What geographies and carriers does Verify cover, and what’s your accuracy/fraud-catch rate?