This documentation is for WSO2 Identity Server 5.7.0. View documentation for the latest release.
Page Comparison - Configuring SMS OTP (v.1 vs v.2) - Identity Server 5.7.0 - WSO2 Documentation

All docs This doc

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Start WSO2 Identity Server (IS).
  2. Download the certificate of the SMS provider by going to the SMS providers website on your browser, and clicking the HTTPS trust icon on the address bar.
    For example, navigate to https://www.nexmo.com, and click the padlock next to the URL on Chrome.
  3. Navigate to the <IS_HOME>/repository/resources/security directory via the terminal and import the downloaded certificate into the WSO2 IS client keystore.    

    Code Block
    keytool -importcert -file <CERTIFICATE_FILE_PATH> -keystore client-truststore.jks -alias "Nexmo" 
  4. You are prompted to enter the keystore password. The default client-truststore.jks password is wso2carbon .

  5. Log into the management console as an administrator.

  6. In the Identity section under the Main tab of the management console, click Add under Identity Providers.

  7. Give a suitable name (e.g., SMSOTP) as the Identity Provider Name.

  8. Go to the SMS OTP Configuration under Federated Authenticators.

  9. Select both check-boxes to Enable SMSOTP Authenticator and to make it the Default.

  10. Enter the SMS URL, the HTTP Method used (e.g., GET or POST), and the headers and payload if the API uses any.

    Info
    • If the text message and the phone number are passed as parameters in any field, include them as $ctx.num and $ctx.msg respectively. 

    • Optionally, enter the HTTP response code the SMS service provider sends when the API is successfully called. Nexmo API and  Bulksms API sends 200 as the code, while Clickatell and Plivo send 202. If this value is unknown, leave it blank and the connector checks if the response is 200, 201 or 202. 
    Expand
    titleClick here to configure Nexmo as the service provider.
    Panel
    borderColor#D7B9A3
    bgColor#ffffff
    borderWidth1

    Follow the steps given below if Nexmo is used as the SMS provider:

    1. Go to https://dashboard.nexmo.com/sign-up and sign up.
    2. Once you successfully register, the API key and secret are displayed. Copy and save them as you need them for the next step.
      Example:
    3. The Nexmo API requires the parameters to be encoded in the URL, so the SMS URL would be as follows.      

      SMS URLhttps://rest.nexmo.com/sms/json?api_key=<ENTER_API_KEY>&api_secret=<ENTER_API_SECRET>&from=NEXMO&to=$ctx.num&text=$ctx.msg
      HTTP MethodPOST
    Expand
    titleClick here to configure Clickatell as the service provider.
    Panel
    borderColor#D7B9A3
    bgColor#ffffff
    borderWidth1

    Follow the steps given below if Clickatell is used as the SMS provider:

    1. Go to https://secure.clickatell.com/#/login and create an account.
    2. The Auth token is provided when you register with Clickatell.

    3. Clickatell uses a POST method with headers and the text message and phone number are sent as the payload. So the fields would be as follows.

      SMS URLhttps://api.clickatell.com/rest/message
      HTTP MethodPOST
      HTTP HeadersX-Version: 1,Authorization: bearer <ENTER_AUTH_TOKEN>,Accept: application/json,Content-Type: application/json
      HTTP Payload{"text":" $ctx.msg ","to":[" $ctx.num "]}
    Expand
    titleClick here to configure Plivo as the service provider.
    Panel
    borderColor#D7B9A3
    bgColor#ffffff
    borderWidth1

    Follow the steps given below if Plivo is used as the SMS provider:

    1. Sign up for a free Plivo trial account.
    2. Phone numbers must be verified at the Sandbox Numbers page (add at least two numbers and verify them).

    3. The Plivo API is authenticated with Basic Auth using your AUTH ID and AUTH TOKEN, Your Plivo AUTH ID and AUTH TOKEN can be found when you log in to your dashboard.
    4. Plivo uses a POST method with headers, and the text message and phone number are sent as the payload. So the fields would be as follows.

      SMS URL

      https://api.plivo.com/v1/Account/{auth_id}/Message/

      HTTP MethodPOST
      HTTP HeadersAuthorization: Basic ********,Content-Type: application/json
      HTTP Payload{"src":"+94*********","dst":"$ctx.num","text":"$ctx.msg"}
    Expand
    titleClick here to configure Bulksms as the service provider.
    Panel
    borderColor#D7B9A3
    bgColor#ffffff
    borderWidth1

    Follow the steps given below if Bulksms is used as the SMS provider:

    1. Go to  https://www2.bulksms.com/login.mc  and create an account.
    2. While registering the account, verify your mobile number and click Claim to get free credit. 

      Info

      Bulksms API authentication is performed by providing the username and password request parameters.=

    3. Bulksms uses the POST method and the required parameters are to be encoded in the URL. So the fields would be as follows.

      SMS URLhttps://bulksms.vsms.net/eapi/submission/send_sms/2/2.0?username=<ENTER_USERNAME>&password=<ENTER_PASSWORD>&message=$ctx.msg&msisdn=$ctx.num
      HTTP MethodPOST
      HTTP HeadersContent-Type: application/x-www-form-urlencoded
    Expand
    titleClick here to configure Twilio as the service provider.
    Panel
    borderColor#D7B9A3
    bgColor#ffffff
    borderWidth1

    Follow the steps given below if Twilio is used as the SMS provider:

    1. Go to  https://www.twilio.com/try-twilio  and create an account.
    2. While registering the account, verify your mobile number and click on console home https://www.twilio.com/console to get free credit (Account SID and Auth Token). 

    3. Twilio uses the POST method with headers, and the text message and phone number are sent as the payload. The fields would be as follows. 

      SMS URLhttps://api.twilio.com/2010-04-01/Accounts/{AccountSID}/SMS/Messages.json
      HTTP MethodPOST
      HTTP HeadersAuthorization: Basic base64{AccountSID:AuthToken}
      HTTP PayloadBody=$ctx.msg&To=$ctx.num&From=urlencode{FROM_NUM}
  11. Click Register.

...