NodeJS Series

Twilio OTP Authentication

A guide to Twilio OTP Authentication with NodeJS

As part of this article, we will walk through how we can send a verification code via SMS to a user and verify the same code using Twilio services.

Twilio is a cloud communication platform. With the Twilio services, we can send a text via SMS, Whatsapp, and Email, place a voice message, connect a call and start a chat from our application. All these can be done with just a few lines of code.

We can just pay for what service we are using. Twilio also provides a free trial account which developers can easily use for development and testing purposes.

Twilio OTP Authentication Work flow

Credit: Author

Our application sends an API request to enable Twilio to send a verification code to the user via SMS. Once the user has entered the code on our application, it again sends an API request to enable Twilio to verify whether the code entered is correct or not.

Twilio Account & Verify Service Setup

Step 1: Create an account on Twilio

Credit: Author

Step 2: Choose “SMS” as the Twilio product and “Identity and Verification” as the plan

Also give other details as shown below:

Credit: Author

Step 3: Choose an Account

By default, you will be having an account called “My first Twilio account”. You can also create new accounts if you want.

Credit: Author

Each account can be identified with an “Account SID” and “Auth Token”.

Credit: Author

Step 4: Add “Verify” product to the “Develop” section

By default, “Verify” product can be found under “Develop” section. If not, add the product from “Explore Products” section.

Credit: Author

Step 5: Create a verify service

Credit: Author

Provide a custom service name and choose “SMS” as the verification channel.

Credit: Author

Each service will have a “Service SID”. We can also set the length of the verification code. Twilio recommends a code length of at least 6 digits for better security.

Credit: Author

Node APIs for Send & Verify code

Step 1: Create a package.json file

npm init -y

Step 2 : Install “twilio” dependency

npm install twilio

Step3: Install required dependencies for a NodeJs App

npm install express body-parser dotenv

Your package.json looks like below which you can change accordingly.

Credit: Author

Step 4: Create a .env file and copy Twilio credentials

PORT = "Your Port"
TWILIO_ACCOUNT_SID = "Your Twilio Account SID"
TWILIO_AUTH_TOKEN = "Your Twilio AUTH Token"
TWILIO_SERVICE_SID = "Your Twilio Service SID"

Step 5: Create an entry file “index.js”

Credit: Author

Step 6: Create a router file inside “src/routes/” to route the Twilio OTP operations

We have two routes:

1. Send OTP -> To send a verification code to the user’s phone number
2. Verify OTP -> To verify the code which has been send to the user

Credit: Author

Step 7: Create a controller file inside “src/controller” to handle the OTP operations

Import Twilio with the credentials.

Credit: Author

sendOTP() method accepts two parameters: countryCode and phoneNumber and will send an OTP to the given phone number using verifications services of Twilio.

Credit: Author

verifyOTP() accepts countryCode, phoneNumber and OTP and it verifies the OTP using verificationChecks services of Twilio.

Credit: Author

API Test Results using Postman

1. Send OTP API

Credit: Author

You will get the OTP in your phone number as below:

Credit: Author

2. Verify OTP API

Credit: Author

With the Twilio services, we don’t need to write from scratch to authenticate a user’s phone number. Twilio ensures the SMS reaches the intended user.

References

1. https://www.twilio.com/
2. https://github.com/twilio
3. https://www.youtube.com/watch?v=ekv6Xh_Im5c

Happy Coding with Twilio:)