How to Bring Your Own Keys for Okta Telephony with Twilio Verify

How to Bring Your Own Keys for Okta Telephony with Twilio Verify

Okta requires companies to bring their own telephony (BYOT) if they want to send SMS one-time passcodes (OTPs) or phone calls for multi-factor authentication or account recovery. Twilio Verify is an out-of-the-box solution for sending OTPs, and now Okta makes it straightforward to get set up with Verify in just a few steps.

This post will cover how to provide Okta with the necessary API keys to configure your telephony and be up and running in no time.

Prerequisites for Adding Twilio Verify to your Okta Org

Before you get started, you'll need the following account details:

• A Twilio Account ( login or create one for free if you don’t have one yet)
• Twilio Account SID (ACxxx…, find it at twilio.com/console)
• Twilio Auth Token (also find it at twilio.com/console)
• Verify Service SID (VAxxx…, find or create one here: twilio.com/console/verify/services)
• Enable Custom Code on your Verify Service.

Custom code allows Okta to set the verification code in the request. This is necessary for integrating with Okta's telephony workflows.

Bring your own key

Inside your Okta admin console, navigate to Customizations >> Telephony Providers. Select Twilio and paste in your Account SID, Auth Token, and Verify Service SID.

Okta encrypts and securely stores your credentials. If you prefer to use Programmable Messaging and/or Voice, you can use the phone number or Messaging Service SID here.

Test and run

After you've saved your telephony details, you can add SMS and Voice as MFA and recovery options to your Okta configuration. Learn more about configuring telephony in the Okta documentation.

Then add a phone number to your user and test the end to end flow following Okta's instructions for configuring end user phone authentication.

Customize your Okta telephony with Twilio Verify implementation

If you need a more customized approach, learn how to set up Twilio Verify with Okta inline hooks. The inline hook approach requires more configuration but allows you more flexibility to do things like Lookup a phone number before sending an OTP or anything else you might want to do in code.

That's it! Now you can monitor performance of your Verify OTPs with the insights dashboard and explore more options in the Verify API documentation.

Kelley Robinson works on the User Authentication & Identity team at Twilio, helping developers implement and manage customer account security. She has over a decade of experience as a software engineer in a variety of API and data engineering roles at startups. Kelley graduated from the University of Michigan and now lives in Upstate New York with her husband and a pit bull named Fish. Outside of work she is an avid home cook and mediocre woodworker.