How to send SMS OTP to any Mobile Phone using BOLD.Key REST API (Part 1)
As more mobile applications and users opt for password-free logins, SMS One Time Password (OTP) becomes the de facto medium for fulfilling their authentication and verification needs. In this article, we will walk through how to use BOLD.Key REST API to deliver SMS OTP to your user’s mobile phone.
Password-less Authentication Flow
Before we dive deeper, let’s take a look at a typical password-less authentication flow using SMS OTP.
SMS OTP with BOLD.Key
There are three main methods to generate and send SMS OTP via BOLD.Key.
· SMS OTP via Message Template
· SMS OTP via Customised Message
· SMS OTP via Default Message
The first method is executed using a prebuilt message template. The advantage of this method is that it eliminates the need to handle the generation and verification of the SMS OTP yourself. Instead, MACROKIOSK will manage the generation and verification of the OTP.
The second method is using a customised message if you want to personally customise the OTP message every time you send a SMS OTP. This method provides more flexibility. Using a customised message, BOLD.Key will only manage the generation of the OTP code and leaves the rest of the message to you.
The third method is a default message, which is the quickest and easiest method to execute. This method is similar to the template-based method with the exception that it will send out the SMS with a predefined OTP message “Your pincode is <OTPCode>. Powered by MACROKIOSK.”. The main difference is that you are unable to customise the OTP message using default messages.
For part one of this tutorial, we will focus on sending and verifying SMS OTP using the template-based method. Let’s get started!
Create a BOLD.Key SMS OTP Template
First things first, let’s create a template.
Log in to BOLD.Key dashboard using your existing BOLD.Up developer account. If you don’t have an account yet, sign up here.
Click on Setup > SMS OTP Templates on the sidebar, then click “Add New” to add a new SMS OTP template.
Enter all the required details. Here you have the flexibility to customise the OTP’s format, length and its validity period. You can also set the number of validation attempts as well as the SMS OTP message.
Note: You can create multiple templates with different OTP message as per your requirements.
Generate SMS OTP with BOLD.Key API
Once you have created a template, you can utilise the REST API POST endpoints and JSON for interacting with the API (a BOLD.Up developer account access is required):
https://secure.etracker.cc/MobileOTPAPI/SMSOTP/OTPGenerate
For this template-based method, the required parameters are:
· user
· pass
· from
· to
· servid
· tmpCode
· ApiReturnType
Note: ApiReturnType is optional and by default is set to 1 (text). Since we are using JSON, we will need this parameter and set it to 2 for JSON.
You should get a status code from the API response with the Json format shown in the image above.
Validate OTP with BOLD.Key API
Your user should receive an SMS with the OTP message sent from BOLD.Key.
The next step is to validate the OTP code that your user receives. To do this, you can utilise one of the two available REST API POST endpoints and JSON for interacting with the API.
https://secure.etracker.cc/MobileOTPAPI/SMSOTP/OTPVerify
The required parameters are:
· user
· pass
· from
· to
· servid
· tmpCode
· pincode
· ApiReturnType
You should get a status code indicating the validation is successful shown in the image above. If you get the status code “502” it means the OTP code is invalid, or “503” for expired OTP code. For a complete set of response codes, refer to this page (a BOLD.Up developer account access is required).
By now, you should be able to send SMS OTPs via template. Stay tuned for part two where we will explore other methods of BOLD.Key SMS OTP generation and verification.
If you are looking to build quick prototypes or experiment with extending communication capabilities for your product, sign up with BOLD.Up, a Developer Relations Initiative by MACROKIOSK created and designed for developers to explore, develop and integrate with its BOLD. solutions in the areas of Communication, Authentication, Engagement and Payment.
Reach out to us here or ask BOLD.Up if you have any further enquiries. We are ready to assist.
About MACROKIOSK
MACROKIOSK is Asia’s leading digital technology company with a strong global presence. Since 2000, we are at the forefront of delivering Digitalisation Platform as-a-Service (DPaaS) via innovative digital solutions to businesses and individuals to help them engage with customers in the digital economy.
To date, more than 3000 clienteles in 37 countries spanning 24 industries and millions of users experience MACROKIOSK’s digital products and solutions that are scalable, secure and highly adaptable to their needs.
Follow us on: Facebook | Twitter | Medium | LinkedIn | Newsletter
Or visit our website.
