How do I set up Twilio for SMS and IVR?

Let's explore the two-factor authentication choices provided by SurePassID before delving into setting up Twilio.

For authentication, SurePassID offers various options:

- SMS OTP: A one-time passcode is sent to the user's phone via SMS. Once the user enters this code, access is granted.

- SMS Push Notification: A question is sent to the user's phone. If the user accepts by pressing a specific button, access is granted.

- Voice OTP: An OTP is spoken to the user over the phone. Upon entering this code, access is granted.

- Voice Push Notification (IVR): A question is asked to the user over the phone. Granting access requires the user to accept by pressing a specific button.

These options offer the flexibility to tailor parameters like the time allowed for a response, the content of the message, and the specific key presses needed for push authentication. You can customize settings such as the duration within which users must respond, the content of the message, and the specific key presses required for push authentication.

To Set-up Twilio you need to follow these shttps://www.twilio.com/docs/messaging/guides/how-to-use-your-free-trial-accountteps: 

Step 1: To begin, sign up for a Twilio Account and choose a telephone number. Here are some helpful links to get you started:

Free SMS Business Account

Twilio Account Set-up Guide (US)

Twilio Account Set-up Guide (Outside US)

Step 2:  Retrieve the necessary account credentials from your Twilio account to set up SurePassID. You will need the Account SID, Auth Token, and Twilio Phone Number for configuration, as illustrated below: 

Step 3:  Input the Account SID, Auth Token, and Twilio Phone Number into your SurePassID account following the instructions provided below:

Step 4:  If you are only utilizing SMS OTP or Voice OTP, then your setup is complete. However, if you plan to use push notifications, please proceed to Step 5. 

Step 5:  For push notification to work you must set-up Twilio to notify SurePassID when the user completes authentication on their phone.  To complete this step you need to follow these instructions: 

  • Navigate to the list of telephone numbers associated with your account.
  • Select the phone numbers option in the left pane.
  • Find the specific phone number designated for push notifications and click on it.
  • Scroll down to the Messaging Configuration section on the right side.
  • Enter the required information for "A message comes in," including the URL and HTTP settings as indicated below.

Ensure that the URL provided directs to your SurePassID MFA server. Whether your SurePassID is on-premises or in a private cloud, use the URL of your MFA server. In on-premises or private cloud environments, seamless authentication is typically achieved using a reverse proxy that directs the request to the MFA Server. It is not necessary to expose the entire MFA server to the internet. The URL in this example is valid for when you use are using the SurePassID Commercial Cloud version.