Skip to contentSkip to navigationSkip to topbar
Rate this page:
On this page

Verify API


As part of Twilio's account security offerings, the Twilio Verify API makes it simple to add user verification to your web application. The API supports the following channels:

For more information on Verify, see our product page(link takes you to an external page).


Base URL

base-url page anchor

All URLs referenced in the documentation have the following base:


_10
https://verify.twilio.com/v2/

The Twilio REST API is served over HTTPS. To ensure data privacy, unencrypted HTTP is not supported.


HTTP requests to the REST API are protected with HTTP Basic authentication(link takes you to an external page). To learn more about how Twilio handles authentication, please refer to our security documentation. In short, you will use your Twilio account SID as the username and your auth token as the password for HTTP Basic authentication.


_10
curl -XPOST https://verify.twilio.com/v2/Services \
_10
-d FriendlyName=MyServiceName \
_10
-u '[YOUR ACCOUNT SID]:[YOUR AUTH TOKEN]'

You can find your account SID and auth token in your console(link takes you to an external page).


User Verification Workflow

user-verification-workflow page anchor

This guide shows the 3 steps to completing a basic one-time passcode (OTP) verification. Follow the links for more documentation on advanced features such as service configuration, custom codes, rate limiting, PSD2 compliance, and more.

Step 1: Create a Verification Service

step-1-create-a-verification-service page anchor
Node.js
Python
C#
Java
Go
PHP
Ruby
twilio-cli
curl

_10
// Download the helper library from https://www.twilio.com/docs/node/install
_10
// Find your Account SID and Auth Token at twilio.com/console
_10
// and set the environment variables. See http://twil.io/secure
_10
const accountSid = process.env.TWILIO_ACCOUNT_SID;
_10
const authToken = process.env.TWILIO_AUTH_TOKEN;
_10
const client = require('twilio')(accountSid, authToken);
_10
_10
client.verify.v2.services
_10
.create({friendlyName: 'My First Verify Service'})
_10
.then(service => console.log(service.sid));

Output

_38
{
_38
"sid": "VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_38
"account_sid": "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_38
"friendly_name": "My First Verify Service",
_38
"code_length": 4,
_38
"lookup_enabled": false,
_38
"psd2_enabled": false,
_38
"skip_sms_to_landlines": false,
_38
"dtmf_input_required": false,
_38
"tts_name": "name",
_38
"do_not_share_warning_enabled": false,
_38
"custom_code_enabled": true,
_38
"push": {
_38
"include_date": false,
_38
"apn_credential_sid": "CRXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_38
"fcm_credential_sid": null
_38
},
_38
"totp": {
_38
"issuer": "test-issuer",
_38
"time_step": 30,
_38
"code_length": 3,
_38
"skew": 2
_38
},
_38
"default_template_sid": "HJXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_38
"verify_event_subscription_enabled": false,
_38
"date_created": "2015-07-30T20:00:00Z",
_38
"date_updated": "2015-07-30T20:00:00Z",
_38
"url": "https://verify.twilio.com/v2/Services/VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_38
"links": {
_38
"verification_checks": "https://verify.twilio.com/v2/Services/VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/VerificationCheck",
_38
"verifications": "https://verify.twilio.com/v2/Services/VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Verifications",
_38
"rate_limits": "https://verify.twilio.com/v2/Services/VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/RateLimits",
_38
"messaging_configurations": "https://verify.twilio.com/v2/Services/VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/MessagingConfigurations",
_38
"entities": "https://verify.twilio.com/v2/Services/VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Entities",
_38
"webhooks": "https://verify.twilio.com/v2/Services/VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Webhooks",
_38
"access_tokens": "https://verify.twilio.com/v2/Services/VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/AccessTokens"
_38
}
_38
}

Create a Service in one of two ways:

  1. In the Twilio Verify Console(link takes you to an external page)
  2. Using the API (code sample on this page)

A Verification Service is the set of common configurations used to create and check verifications. This includes features like:

One verification service can be used to send multiple verification tokens, it is not necessary to create a new service each time.

Step 2: Send a Verification Token

step-2-send-a-verification-token page anchor
Node.js
Python
C#
Java
Go
PHP
Ruby
twilio-cli
curl

_11
// Download the helper library from https://www.twilio.com/docs/node/install
_11
// Find your Account SID and Auth Token at twilio.com/console
_11
// and set the environment variables. See http://twil.io/secure
_11
const accountSid = process.env.TWILIO_ACCOUNT_SID;
_11
const authToken = process.env.TWILIO_AUTH_TOKEN;
_11
const client = require('twilio')(accountSid, authToken);
_11
_11
client.verify.v2.services('VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX')
_11
.verifications
_11
.create({to: '+15017122661', channel: 'sms'})
_11
.then(verification => console.log(verification.status));

Output

_23
{
_23
"sid": "VEXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_23
"service_sid": "VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_23
"account_sid": "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_23
"to": "+15017122661",
_23
"channel": "sms",
_23
"status": "pending",
_23
"valid": false,
_23
"date_created": "2015-07-30T20:00:00Z",
_23
"date_updated": "2015-07-30T20:00:00Z",
_23
"lookup": {},
_23
"amount": null,
_23
"payee": null,
_23
"send_code_attempts": [
_23
{
_23
"time": "2015-07-30T20:00:00Z",
_23
"channel": "SMS",
_23
"attempt_sid": "VLXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
_23
}
_23
],
_23
"sna": null,
_23
"url": "https://verify.twilio.com/v2/Services/VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Verifications/VEXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
_23
}

This will send a token to the end user through the specified channel. Newly created verifications will show a status of pending. Supported channels are:

Learn more about how to turn phone number input into E.164 format(link takes you to an external page) or how to customize the verification message.

Verification documentation.

Step 3: Check the Verification Token

step-3-check-the-verification-token page anchor
Node.js
Python
C#
Java
Go
PHP
Ruby
twilio-cli
curl

_11
// Download the helper library from https://www.twilio.com/docs/node/install
_11
// Find your Account SID and Auth Token at twilio.com/console
_11
// and set the environment variables. See http://twil.io/secure
_11
const accountSid = process.env.TWILIO_ACCOUNT_SID;
_11
const authToken = process.env.TWILIO_AUTH_TOKEN;
_11
const client = require('twilio')(accountSid, authToken);
_11
_11
client.verify.v2.services('VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX')
_11
.verificationChecks
_11
.create({to: '+15017122661', code: '123456'})
_11
.then(verification_check => console.log(verification_check.status));

Output

_14
{
_14
"sid": "VEXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_14
"service_sid": "VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_14
"account_sid": "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_14
"to": "+15017122661",
_14
"channel": "sms",
_14
"status": "approved",
_14
"valid": true,
_14
"amount": null,
_14
"payee": null,
_14
"sna_attempts_error_codes": [],
_14
"date_created": "2015-07-30T20:00:00Z",
_14
"date_updated": "2015-07-30T20:00:00Z"
_14
}

This will check whether the user-provided token is correct.

TokenStatus in response
Correctapproved
Incorrectpending

VerificationCheck documentation.

(information)

Info

You made it through the Verify API Overview. To protect your service against fraud, view our guidance on Preventing Toll Fraud when using Verify.


Rate this page: