Use Cases Integrations
api transactional
May 18, 2023
Implementing Verify (2FA)
Verify is E-goi’s version of an SMS-based Two-Factor Authentication (2FA).


  • E-goi Account
  • Active Transactional Service


Your business wants to add 2FA validation to its account registration. This can be done seamlessly using 2FA via E-goi’s API.

2FA happens when a sender (organisation) needs to verify the identity of a recipient. An intermediary (E-goi) provides an independent tunnel between the two. A successful 2FA string of events using our API looks like this:

The sender requests a validation code to be sent to the recipient:

  1. E-goi generates the code;
  2. E-goi sends the code to the recipient;
  3. The recipient submits the code to the sender;
  4. The sender submits the code to E-goi;
  5. E-goi validates the code.

API 2FA Functioning

In this series of events some alternatives may occur:

  • Alternative - The sender wants to cancel the Verify request.
    • Solution - The sender may cancel the Verify request at any point before the recipient validates the code.
  • Alternative - The code validity expires.
    • Solution - E-goi marks the request as expired.
  • Alternative - The recipient submits the wrong code.
    • Solution - E-goi waits for the correct code (until the request expires).

2FA Events

Enabling 2FA

You can send a request using E-goi’s Transactional Service, which sends a validation code to a number (eg. 351-910000000). We then receive a “requestId” in response to the request. The mobile number owner will have to provide the code received. You can then verify whether the validation code is valid by using it alongside “requestId”.

1. Send the 2FA request to +351910000000 and get the corresponding answer.

Payload Example:

	"apikey": "<your hash api key>",
	"number": "351-910000000",
	"senderHash": "<your sender hash>",
	"codeType": "numeric", // numeric, alpha, alphanumeric, hex
	"codeSize": "4",
	"group": "2FA",
	"codeTTL": "60", // 60 seconds
	"message": "Message text: {CODE}" // The text must contain {CODE}

Answer Payload Example:

  "requestId": "bcc3f46527d44408b434ebc24c229a49",
  "status": "Ok"

2. Your customer must then save the requestId and ask the recipient of the SMS for the code received.

3. Send the validation code and the respective “requestID “(code used for this example: 1234)

Payload Example:

  "apikey": "<your hash api key>",
  "requestId": "bcc3f46527d44408b434ebc24c229a49",
  "code": "1234"

Answer Payload Example:

  "requestId": "bcc3f46527d44408b434ebc24c229a49",
  "status": "Verified" // Verified, Expired, Already_Verified