Verify API
As part of Twilio's account security offerings, the Twilio Verify API enables you to add user verification to your web application. The API supports the following channels:
- SMS
- Passkeys
- Silent Network Auth
- Automatic Channel Selection
- Voice
- TOTP (authenticator apps such as Authy or Google Authenticator)
- Push and Silent Device Approval
For more information on Verify, see the Twilio Verify product page.
All URLs in this documentation use the following base URL:
https://verify.twilio.com/v2/
The Twilio REST API is served over HTTPS. To ensure data privacy, unencrypted HTTP is not supported.
To authenticate requests to the Twilio APIs, Twilio supports HTTP Basic authentication. Use your API key as the username and your API key secret as the password. You can create an API key either in the Twilio Console or using the API.
Note: Twilio recommends using API keys for authentication in production apps. For local testing, you can use your Account SID as the username and your Auth token as the password. You can find your Account SID and Auth Token in the Twilio Console.
Learn more about Twilio API authentication.
1curl -X POST https://verify.twilio.com/v2/Services \2-d FriendlyName=MyServiceName \3-u $TWILIO_API_KEY:$TWILIO_API_KEY_SECRET
This section shows the 3 steps required to complete a basic one-time passcode (OTP) verification. Follow the links for more documentation on advanced features such as service configuration, custom codes, rate limiting, PSD2 compliance, and more.
1// Download the helper library from https://www.twilio.com/docs/node/install2const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";34// Find your Account SID and Auth Token at twilio.com/console5// and set the environment variables. See http://twil.io/secure6const accountSid = process.env.TWILIO_ACCOUNT_SID;7const authToken = process.env.TWILIO_AUTH_TOKEN;8const client = twilio(accountSid, authToken);910async function createService() {11const service = await client.verify.v2.services.create({12friendlyName: "My First Verify Service",13});1415console.log(service.sid);16}1718createService();
Response
1{2"sid": "VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",3"account_sid": "ACaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",4"friendly_name": "My First Verify Service",5"code_length": 4,6"lookup_enabled": false,7"psd2_enabled": false,8"skip_sms_to_landlines": false,9"dtmf_input_required": false,10"tts_name": "name",11"do_not_share_warning_enabled": false,12"custom_code_enabled": true,13"push": {14"include_date": false,15"apn_credential_sid": "CRaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",16"fcm_credential_sid": null17},18"totp": {19"issuer": "test-issuer",20"time_step": 30,21"code_length": 3,22"skew": 223},24"whatsapp": {25"msg_service_sid": "MGaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",26"from": "whatsapp:+1234567890"27},28"passkeys": {29"relying_party": {30"id": "www.mydomain.com",31"name": "My domain",32"origins": [33"www.mydomain.com",34"www.login.mydomain.com"35]36},37"authenticator_attachment": "",38"discoverable_credentials": null,39"user_verification": "discouraged"40},41"default_template_sid": "HJaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",42"verify_event_subscription_enabled": false,43"date_created": "2015-07-30T20:00:00Z",44"date_updated": "2015-07-30T20:00:00Z",45"url": "https://verify.twilio.com/v2/Services/VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",46"links": {47"verification_checks": "https://verify.twilio.com/v2/Services/VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/VerificationCheck",48"verifications": "https://verify.twilio.com/v2/Services/VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/Verifications",49"rate_limits": "https://verify.twilio.com/v2/Services/VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/RateLimits",50"messaging_configurations": "https://verify.twilio.com/v2/Services/VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/MessagingConfigurations",51"entities": "https://verify.twilio.com/v2/Services/VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/Entities",52"webhooks": "https://verify.twilio.com/v2/Services/VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/Webhooks",53"access_tokens": "https://verify.twilio.com/v2/Services/VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/AccessTokens"54}55}
Create a Verification Service in one of two ways:
- In the Twilio Verify Console
- By using the Verify API
A Verification Service is the set of common configurations used to create and check verifications. This includes features like:
- Friendly name (used in the verification message templates, except in countries with brand restrictions)
- Code length
- Other service-level options
One verification service can be used to send multiple verification tokens, it is not necessary to create a new service each time.
1// Download the helper library from https://www.twilio.com/docs/node/install2const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";34// Find your Account SID and Auth Token at twilio.com/console5// and set the environment variables. See http://twil.io/secure6const accountSid = process.env.TWILIO_ACCOUNT_SID;7const authToken = process.env.TWILIO_AUTH_TOKEN;8const client = twilio(accountSid, authToken);910async function createVerification() {11const verification = await client.verify.v212.services("VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")13.verifications.create({14channel: "sms",15to: "+15017122661",16});1718console.log(verification.status);19}2021createVerification();
Response
1{2"sid": "VEaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",3"service_sid": "VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",4"account_sid": "ACaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",5"to": "+15017122661",6"channel": "sms",7"status": "pending",8"valid": false,9"date_created": "2015-07-30T20:00:00Z",10"date_updated": "2015-07-30T20:00:00Z",11"lookup": {},12"amount": null,13"payee": null,14"send_code_attempts": [15{16"time": "2015-07-30T20:00:00Z",17"channel": "SMS",18"attempt_sid": "VLaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"19}20],21"sna": null,22"url": "https://verify.twilio.com/v2/Services/VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/Verifications/VEaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"23}
This request sends a token to the end user through the specified channel. Newly created verifications have a status of pending. Supported channels are:
sms, see the Verify SMS Overviewcallemail, see Send Email Verifications with Verify and Twilio SendGridwhatsapp, see the Verify WhatsApp overview
Learn more about how to turn phone number input into E.164 format or how to customize the verification message.
For additional parameters, see the Verification API reference.
1// Download the helper library from https://www.twilio.com/docs/node/install2const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";34// Find your Account SID and Auth Token at twilio.com/console5// and set the environment variables. See http://twil.io/secure6const accountSid = process.env.TWILIO_ACCOUNT_SID;7const authToken = process.env.TWILIO_AUTH_TOKEN;8const client = twilio(accountSid, authToken);910async function createVerificationCheck() {11const verificationCheck = await client.verify.v212.services("VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")13.verificationChecks.create({14code: "123456",15to: "+15017122661",16});1718console.log(verificationCheck.status);19}2021createVerificationCheck();
Response
1{2"sid": "VEaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",3"service_sid": "VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",4"account_sid": "ACaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",5"to": "+15017122661",6"channel": "sms",7"status": "approved",8"valid": true,9"amount": null,10"payee": null,11"sna_attempts_error_codes": [],12"date_created": "2015-07-30T20:00:00Z",13"date_updated": "2015-07-30T20:00:00Z"14}
This request checks whether the user-provided token is correct.
| Token | Status in response |
|---|---|
| Correct | approved |
| Incorrect | pending |
See the VerificationCheck API reference.
Info
You made it through the Verify API Overview. To protect your service against fraud, view our guidance on Preventing Toll Fraud when using Verify.