• Create a Push Notification Authentication with OneTouch

    Use a push notification to a mobile device to start a secure, yet user-friendly authentication. Can also be used for protecting in application transactions, like money transfers.

    View Docs
    • Curl
    • Node
    • .NET (C#)
    # $AUTHY_API_KEY is the Authy API Key
    # $AUTHY_API_FORMAT is either “xml” or “json”
    # $AUTHY_ID example:  123456
    # $COUNTRY_CODE example: 1
    # $OT_MESSAGE is the OneTouch message
    # $OT_DETAILS is a string of details
    # $OT_TTL is the time (in seconds) for verification to occur
    
    curl -X POST "http://api.authy.com/onetouch/$AUTHY_API_FORMAT/users/$AUTHY_ID/approval_requests” \
    -H "X-Authy-API-Key: $AUTHY_API_KEY" \
    -d message="$OT_MESSAGE" \
    -d details="$OT_DETAILS" \
    -d seconds_to_expire="$OT_TTL"
    # npm install authy-client
    # $AUTHY_ID example:  123456
    
    const Client = require('authy-client').Client;
    const authy = new Client({key: AUTHY_API_KEY});
    
    var request = {
        authyId: AUTHY_ID,
        details: {
            hidden: {
                "test": "This is a"
            },
            visible: {
                "Location": "California, USA",
                "Room": "VR Room 1"
            }
        },
        message: 'Requesting War Room Access'
    };
    
    authy.createApprovalRequest(
        request, {
            ttl: 300
        }, function (err, resp) {
            if (err) {
                console.log(err);
            } else {
            	console.log(resp);
            }
        });
    public static async Task CreateApprovalRequestAsync()
      {
        // Create client
        var client = new HttpClient();
    
        // Add authentication header
        client.DefaultRequestHeaders.Add("X-Authy-API-Key", AuthyAPIKey);
    
        var requestContent = new FormUrlEncodedContent(new[] {
          new KeyValuePair("message", "Requesting War Room Access"),
          new KeyValuePair("seconds_to_expire", "300"),
          new KeyValuePair("details[Location]", "California, USA"),
          new KeyValuePair("details[Room]", "VR Room 1"),
        });
    
        // http://api.authy.com/onetouch/$AUTHY_API_FORMAT/users/$AUTHY_ID/approval_requests
        HttpResponseMessage response = await client.PostAsync(
          "http://api.authy.com/onetouch/json/users/5661166/approval_requests",
          requestContent);
    
        // Get the response content.
        HttpContent responseContent = response.Content;
    
        // Get the stream of the content.
        using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync()))
          {
            // Write the output.
            Console.WriteLine(await reader.ReadToEndAsync());
          }
        }
  • Check OneTouch Push Notification Status

    Once you’ve requested a Push Notification, you can either set a callback for the status change or poll the API with this example.

    View Docs
    • Curl
    • Node
    • .NET (C#)
    # $AUTHY_API_KEY is the Authy API Key
    # $AUTHY_API_FORMAT is either “xml” or “json”
    # $UUID is the string returned after creating a OneTouch request
    
    curl "http://api.authy.com/onetouch/$AUTHY_API_FORMAT/approval_requests/$UUID" \
    -H "X-Authy-API-Key: $AUTHY_API_KEY"
    # npm install authy-client
    const Client = require('authy-client').Client;
    const authy = new Client({key: AUTHY_API_KEY});
    
    authy.getApprovalRequest({
        id: $UUID
        }, function (err, resp) {
            if (err) {
                console.log(err);
            } else {
            console.log(resp);
    
            }
        });
    public static async Task VerifyPhoneAsync()
      {
        // Create client
        var client = new HttpClient();
    
        // Add authentication header
        client.DefaultRequestHeaders.Add("X-Authy-API-Key", AuthyAPIKey);
    
        // https://api.authy.com/protected/$AUTHY_API_FORMAT/phones/verification/check?phone_number=$USER_PHONE&country_code=$USER_COUNTRY&verification_code=$VERIFY_CODE
        HttpResponseMessage response = await client.GetAsync("https://api.authy.com/protected/json/phones/verification/check?phone_number=5558675309&country_code=1&verification_code=3043");
    
        // Get the response content.
        HttpContent responseContent = response.Content;
    
        // Get the stream of the content.
    	  using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync()))
          {
            // Write the output.
            Console.WriteLine(await reader.ReadToEndAsync());
          }
        }
  • Request a OneCode OTP via SMS

    The most globally available method of 2FA, usable by anyone with a mobile phone or landline, anywhere in the world.

    View Docs
    • Curl
    • Node
    • .NET (C#)
    # $AUTHY_API_KEY is the Authy API Key
    # $AUTHY_API_FORMAT is either “xml” or “json”
    # $AUTHY_ID example:  123456
    
    curl "http://api.authy.com/protected/$AUTHY_API_FORMAT/sms/$AUTHY_ID?force=true" \
    -H "X-Authy-API-Key: $AUTHY_API_KEY"
    # npm install authy-client
    const Client = require('authy-client').Client;
    const authy = new Client({key: AUTHY_API_KEY});
    
    authy.requestSms({authyId: req.body.authyId}, {force: true}, function (err, resp) {
        if (err) throw err;
        console.log(resp);
    });
    public static async Task RequestAuthySMSAsync()
      {
        // Create client
        var client = new HttpClient();
    
        // Add authentication header
        client.DefaultRequestHeaders.Add("X-Authy-API-Key", AuthyAPIKey);
    
        // http://api.authy.com/protected/$AUTHY_API_FORMAT/sms/$AUTHY_ID?force=true
        HttpResponseMessage response = await client.GetAsync(
          "http://api.authy.com/protected/json/sms/5661166?force=true");
    
        // Get the response content.
        HttpContent responseContent = response.Content;
    
        // Get the stream of the content.
        using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync()))
          {
            // Write the output.
            Console.WriteLine(await reader.ReadToEndAsync());
          }
        }
  • Request a OneCode OTP via Voice

    The most globally available method of 2FA, usable by anyone with a mobile phone or landline, anywhere in the world.

    View Docs
    • Curl
    • Node
    • .NET (C#)
    # $AUTHY_API_KEY is the Authy API Key
    # $AUTHY_API_FORMAT is either “xml” or “json”
    # $AUTHY_ID example:  123456
    
    curl -i "http://api.authy.com/protected/$AUTHY_API_FORMAT/call/$AUTHY_ID?force=true" \
    -H "X-Authy-API-Key: $AUTHY_API_KEY"
    
    # npm install authy-client
    const Client = require('authy-client').Client;
    const authy = new Client({key: AUTHY_API_KEY});
    
    client.requestCall({ authyId: 1635 }, function(err, res) {
      if (err) throw err;
      console.log('Call initiated’', res.cellphone);
    });
    public static async Task RequestAuthyVoiceAsync()
      {
        // Create client
        var client = new HttpClient();
    
        // Add authentication header
        client.DefaultRequestHeaders.Add("X-Authy-API-Key", AuthyAPIKey);
    
        // http://api.authy.com/protected/$AUTHY_API_FORMAT/call/$AUTHY_ID?force=true
        HttpResponseMessage response = await client.GetAsync(
          "http://api.authy.com/protected/json/call/5661166?force=true");
    
        // Get the response content.
        HttpContent responseContent = response.Content;
    
        // Get the stream of the content.
        using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync()))
          {
            // Write the output.
            Console.WriteLine(await reader.ReadToEndAsync());
          }
        }
  • Verify a OneCode OTP

    The most globally available method of 2FA, usable by anyone with a mobile phone or landline, anywhere in the world.

    View Docs
    • Curl
    • Node
    • .NET (C#)
    # $AUTHY_API_KEY is the Authy API Key
    # $AUTHY_API_FORMAT is either “xml” or “json”
    # $AUTHY_ID example:  123456
    # $ONECODE is the requested token
    
    curl -i "http://api.authy.com/protected/$AUTHY_API_FORMAT/verify/$ONECODE/$AUTHY_ID" \
    -H "X-Authy-API-Key: $AUTHY_API_KEY"
    # npm install authy-client
    const Client = require('authy-client').Client;
    const authy = new Client({key: AUTHY_API_KEY});
    
    client.verifyToken({ authyId: AUTHY_ID, token: ONECODE }, function(err, resp) {
      if (err) throw err;
      console.log('Token is valid: ‘, resp');
    });
    public static async Task VerifyTokenAsync()
      {
        // Create client
        var client = new HttpClient();
    
        // Add authentication header
        client.DefaultRequestHeaders.Add("X-Authy-API-Key", AuthyAPIKey);
    
        // http://api.authy.com/protected/$AUTHY_API_FORMAT/verify/$ONECODE/$AUTHY_ID
        HttpResponseMessage response = await client.GetAsync(
          "http://api.authy.com/protected/json/verify/3812001/5661166");
    
        // Get the response content.
        HttpContent responseContent = response.Content;
    
        // Get the stream of the content.
        using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync()))
          {
            // Write the output.
            Console.WriteLine(await reader.ReadToEndAsync());
          }
        }
  • Verify the Smartphone generated TOTP with SoftToken

    Complete a 2FA step without requiring your user to have an internet or cell connected device. Simply verify the token generated by the Authy app, regardless of whether or not your device has is connected.

    View Docs
    • Curl
    • Node
    • .NET (C#)
    # $AUTHY_API_KEY is the Authy API Key
    # $AUTHY_API_FORMAT is either “xml” or “json”
    # $AUTHY_ID example:  123456
    # $ONECODE is the requested token
    
    
    curl -i "http://api.authy.com/protected/$AUTHY_API_FORMAT/verify/$ONECODE/$AUTHY_ID" \
    -H "X-Authy-API-Key: $AUTHY_API_KEY"
    # npm install authy-client
    const Client = require('authy-client').Client;
    const authy = new Client({key: AUTHY_API_KEY});
    
    client.verifyToken({ authyId: AUTHY_ID, token: ONECODE }, function(err, resp) {
      if (err) throw err;
      console.log('Token is valid: ‘, resp');
    });
    public static async Task VerifyTokenAsync()
      {
        // Create client
        var client = new HttpClient();
    
        // Add authentication header
        client.DefaultRequestHeaders.Add("X-Authy-API-Key", AuthyAPIKey);
    
        // http://api.authy.com/protected/$AUTHY_API_FORMAT/verify/$ONECODE/$AUTHY_ID
        HttpResponseMessage response = await client.GetAsync(
          "http://api.authy.com/protected/json/verify/3812001/5661166");
    
        // Get the response content.
        HttpContent responseContent = response.Content;
    
        // Get the stream of the content.
        using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync()))
          {
            // Write the output.
            Console.WriteLine(await reader.ReadToEndAsync());
          }
        }
The Twilio advantage
  • Communicate reliably

    Experience a 99.95% uptime SLA made possible with automated failover and zero-maintenance windows.

  • Operate at scale

    Extend the same app you write once to new markets with configurable features for localization and compliance.

  • Many channels

    Use the same platform you know for voice, SMS, video, chat, two-factor authentication, and more.

  • No shenanigans

    Get to market faster with pay-as-you-go pricing, free support, and the freedom to scale up or down without contracts.