Authentication API

Passwordless login, 2-factor authentication & protected authorizations that are made for developers
Home
Product
Authentication
API

Using OneTouch to Build a Push Notification Verification

Start a secure & user-friendly authentication on a mobile device via push notifications. This can also secure in-app transactions such as money transfers.

CURL
NODE
NET (C#)
# # $TFA_API_KEY is the tfa API Key
# # $TFA_API_FORMAT is either “xml” or “json”
# # $TFI_ID example:  123456
# # $COUNTRY_CODE example: 1
# # $OT_MESSAGE is the OneTouch message
# # $OT_DETAILS is a string of details
# # $OT_ITL is the time (in seconds) for verification to occur

curl -X POST "http://api.tfa.com/onetouch/$TFAI_API_FORMAT/users/
$TFA_ID/approval_requests”\
-H "X-TFA-API-Key: $TFA_API_KEY" \
-d message="$OT_MESSAGE" \
-d details="$OT_DETAILS" \
-d seconds_to_expire="$OT_TTL"
# npm install tfa-client
# $TFA_ID example:  123456

const Client = require('tfa-client').Client;
const tfa = new Client({key: TFA_API_KEY});

var request = {
   tfaId: tfa_ID,
   details: {
       hidden: {
           "test": "This is a"
       },
       visible: {
           "Location": "California, USA",
           "Room": "VR Room 1"
       }
   },
   message: 'Requesting War Room Access'
};

tfa.createApprovalRequest(
   request, {
       ttl: 300
   }, function (err, resp) {
       if (err) {
           console.log(err);
       } else {
        console.log(resp);
       }
   });
public static async Task CreateApprovalRequestAsync()
 {
   // Create client
   var client = new HttpClient();

   // Add authentication header
   client.DefaultRequestHeaders.Add("X-tfa-API-Key", tfaAPIKey);

   var requestContent = new FormUrlEncodedContent(new[] {
     new KeyValuePair("message", "Requesting War Room Access"),
     new KeyValuePair("seconds_to_expire", "300"),
     new KeyValuePair("details[Location]", "California, USA"),
     new KeyValuePair("details[Room]", "VR Room 1"),
   });

   // http://api.tfa.com/onetouch/$TFA_API_FORMAT/users/$TFA_ID/
approval_requests
   HttpResponseMessage response = await client.PostAsync(
     "http://api.tfa.com/onetouch/json/users/5661166/approval_requests",
     requestContent);

   // Get the response content.
   HttpContent responseContent = response.Content;

   // Get the stream of the content.
   using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync()))
     {
       // Write the output.
       Console.WriteLine(await reader.ReadToEndAsync());
     }
   }

Monitor Status on OneTouch Push Notification

You can either set a callback for the status change or poll the API once you request a Push Notification.

CURL
NODE
NET (C#)
# $TFA_API_KEY is the tfa API Key
# $TFA_API_FORMAT is either “xml” or “json”
# $TFA_ID example:  123456

curl "http://api.tfa.com/protected/$TFA_API_FORMAT/sms/$TFA_ID?force=true" \
-H "X-tfa-API-Key: $TFA_API_KEY"
# npm install tfa-client
const Client = require('tfa-client').Client;
const tfa = new Client({key: TFA_API_KEY});

tfa.getApprovalRequest({
   id: $UUID
   }, function (err, resp) {
       if (err) {
           console.log(err);
       } else {
       console.log(resp);

       }
   });
public static async Task VerifyPhoneAsync()
 {
   // Create client
   var client = new HttpClient();

   // Add authentication header
   client.DefaultRequestHeaders.Add("X-tfa-API-Key", tfaAPIKey);

   // https://api.tfa.com/protected/$TFA_API_FORMAT/phones/verification/check?phone_number=$USER_PHONE&country_code=$USER_COUNTRY
&verification_code=$VERIFY_CODE
   HttpResponseMessage response = await client.GetAsync("https://api.tfa.com/protected/json/phones/verification/check?phone_number=5558675309&country_code=1&verification_code=3043");

   // Get the response content.
   HttpContent responseContent = response.Content;

   // Get the stream of the content.
 using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync()))
     {
       // Write the output.
       Console.WriteLine(await reader.ReadToEndAsync());
     }
   }

OneCode OTP Request through SMS

An internationally accessible approach of Authentication API, easy to use by individuals with a mobile phone or landline, wherever they are on the planet.

CURL
NODE
NET (C#)
# $TFA_API_KEY is the tfa API Key
# $TFA_API_FORMAT is either “xml” or “json”
# $TFA_ID example:  123456

curl "http://api.tfa.com/protected/$TFA_API_FORMAT/sms/$TFA_ID?force=true" \
-H "X-tfa-API-Key: $TFA_API_KEY"
# npm install tfa-client
const Client = require('tfa-client').Client;
const tfa = new Client({key: TFA_API_KEY});

tfa.requestSms({tfaId: req.body.tfaId}, {force: true}, function (err, resp) {
   if (err) throw err;
   console.log(resp);
});
public static async Task RequesttfaSMSAsync()
 {
   // Create client
   var client = new HttpClient();

   // Add authentication header
   client.DefaultRequestHeaders.Add("X-tfa-API-Key", tfaAPIKey);

   // http://api.tfa.com/protected/$TFA_API_FORMAT/sms/$TFA_ID?force=true
   HttpResponseMessage response = await client.GetAsync(
     "http://api.tfa.com/protected/json/sms/5661166?force=true");

   // Get the response content.
   HttpContent responseContent = response.Content;

   // Get the stream of the content.
   using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync()))
     {
       // Write the output.
       Console.WriteLine(await reader.ReadToEndAsync());
     }
   }

OneCode OTP Request using Voice

An internationally accessible way of Authentication API done by anyone with a mobile phone or landline, globally.

CURL
NODE
NET (C#)
# $TFA_API_KEY is the tfa API Key
# $TFA_API_FORMAT is either “xml” or “json”
# $TFA_ID example:  123456

curl "http://api.tfa.com/protected/$TFA_API_FORMAT/sms/$TFA_ID?force=true" \
-H "X-tfa-API-Key: $TFA_API_KEY"
# npm install tfa-client
const Client = require('tfa-client').Client;
const tfa = new Client({key: TFA_API_KEY});

client.requestCall({ tfaId: 1635 }, function(err, res) {
 if (err) throw err;
 console.log('Call initiated’', res.cellphone);
});
public static async Task VerifyTokenAsync()
 {
   // Create client
   var client = new HttpClient();

   // Add authentication header
   client.DefaultRequestHeaders.Add("X-tfa-API-Key", tfaAPIKey);

   // http://api.tfa.com/protected/$TFA_API_FORMAT/verify/$ONECODE/$TFA_ID
   HttpResponseMessage response = await client.GetAsync(
     "http://api.tfa.com/protected/json/verify/3812001/5661166");

   // Get the response content.
   HttpContent responseContent = response.Content;

   // Get the stream of the content.
   using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync()))
     {
       // Write the output.
       Console.WriteLine(await reader.ReadToEndAsync());
     }
   }

Authenticate a OneCode OTP

The most internationally available way of Authentication API is easily usable by people with a mobile phone or landline, globally.

CURL
NODE
NET (C#)
# $TFA_API_KEY is the tfa API Key
# $TFA_API_FORMAT is either “xml” or “json”
# $TFA_ID example:  123456

curl -i "http://api.tfa.com/protected/$TFA_API_FORMAT/call/$TFA_ID?force=true" \
-H "X-tfa-API-Key: $TFA_API_KEY"
# npm install tfa-client
const Client = require('tfa-client').Client;
const tfa = new Client({key: tfa_API_KEY});

client.verifyToken({ tfaId: TFA_ID, token: ONECODE }, function(err, resp) {
 if (err) throw err;
 console.log('Token is valid: ‘, resp');
});
public static async Task VerifyTokenAsync()
 {
   // Create client
   var client = new HttpClient();

   // Add authentication header
   client.DefaultRequestHeaders.Add("X-tfa-API-Key", tfaAPIKey);

   // http://api.tfa.com/protected/$TFA_API_FORMAT/verify/$ONECODE/$TFA_ID
   HttpResponseMessage response = await client.GetAsync(
     "http://api.tfa.com/protected/json/verify/3812001/5661166");

   // Get the response content.
   HttpContent responseContent = response.Content;

   // Get the stream of the content.
   using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync()))
     {
       // Write the output.
       Console.WriteLine(await reader.ReadToEndAsync());
     }
   }

SoftToken Verification of smartphone-generated TOTP

The Ver app generates a token code which lets you complete an Authentication API step authentication without requiring your user to have an internet or cell connected device.

CURL
NODE
NET (C#)
# $TFA_API_KEY is the tfa API Key
# $TFA_API_FORMAT is either “xml” or “json”
# $TFA_ID example:  123456

curl -i "http://api.tfa.com/protected/$TFA_API_FORMAT/call/$TFA_ID?force=true" \
-H "X-tfa-API-Key: $TFA_API_KEY"
# npm install tfa-client
const Client = require('tfa-client').Client;
const tfa = new Client({key: tfa_API_KEY});

client.verifyToken({ tfaId: TFA_ID, token: ONECODE }, function(err, resp) {
 if (err) throw err;
 console.log('Token is valid: ‘, resp');
});
public static async Task VerifyTokenAsync()
 {
   // Create client
   var client = new HttpClient();

   // Add authentication header
   client.DefaultRequestHeaders.Add("X-tfa-API-Key", tfaAPIKey);

   // http://api.tfa.com/protected/$TFA_API_FORMAT/verify/$ONECODE/$TFA_ID
   HttpResponseMessage response = await client.GetAsync(
     "http://api.tfa.com/protected/json/verify/3812001/5661166");

   // Get the response content.
   HttpContent responseContent = response.Content;

   // Get the stream of the content.
   using (var reader = new StreamReader(await responseContent.ReadAsStreamAsync()))
     {
       // Write the output.
       Console.WriteLine(await reader.ReadToEndAsync());
     }
   }

Up Next:
See Authentication
API Use Cases
Why UsBlogsTestimonialsContact Us
About Us
Explore how texting gives you the edge for your business.
Follow us
Connect with us.
Follow and talk to us through our social media channels.
Newsletter
Receive promo updates via email
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Get Support
We’ve got your back. Find immediate solutions 24/7.

Call or Text:
(703) 596 - 8989

Use Cases for Alerts

Connect with customers in the way they want.
Home
Product
Messaging
SMS
Use Case

Alternate Password login

Use alternative passwords with single-usecodes sent over SMS, voice or push. Phonenumber identities let you connect your userswith their contacts.

Block volume registration

Authenticate unique phone numbers to preventbots, spammers, and card testers moreefectively than captchas or email verification.

2-way authentication

Allow an additional second factor toauthenticate users without hardware costs orcomplex integration. Ensure global exposureand wide audience reach from day one.

Secure password reset

Reset passwords in a secure manner byconfirming users’ ownership of their phonenumber. Fastest solutions with less help desk orhelp center costs.

Improved authentication

Apply out-of-band authentication onhigh-value transactions or when risk scorecrosses a threshold and eliminate manualreviews.

Multi-tier verification

Balance user acquisition with compliance byphone verifying lower tier customers instead ofonerous id verification for all users.

Up Next: Voice Pricing
THE FONE API EDGE

Redundancy

Automated failover ensures that you have 99.95% uptime SLA without the need for a maintenance window.

Scalability

Use existing apps to new markets by configuring features for compliance and localization.

Multi-channel

Use a single platform for voice, SMS, video, authentication, chat and more.

Without hassles

Get free support, have the freedom to scale your business, market faster with pay-as-you-go.

Create your Account to Start Building
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.