API Marketing
Send campaigns, edit contacts, access report's data and perform a wide variety of other tasks on the fly.
Get Started
Documentation
SDK
API Transactional
Transactional Messaging is a 1-to-1 communication channel, from an organisation to a consumer.
Documentation
SDK
API Registered
Send email or SMS with legal evidence.
Documentation
API Track&Engage
Learn about your customer's behavior and interact with them on key actions.
Documentation
GTM
Use Cases Integrations
api transactional
May 18, 2023
Implementing Verify (2FA)
Verify is E-goi’s version of an SMS-based Two-Factor Authentication (2FA).

Requirements

  • E-goi Account
  • Active Transactional Service

Scenario

Your business wants to add 2FA validation to its account registration. This can be done seamlessly using 2FA via E-goi’s API.

2FA happens when a sender (organisation) needs to verify the identity of a recipient. An intermediary (E-goi) provides an independent tunnel between the two. A successful 2FA string of events using our API looks like this:

The sender requests a validation code to be sent to the recipient:

  1. E-goi generates the code;
  2. E-goi sends the code to the recipient;
  3. The recipient submits the code to the sender;
  4. The sender submits the code to E-goi;
  5. E-goi validates the code.

API 2FA Functioning

In this series of events some alternatives may occur:

  • Alternative - The sender wants to cancel the Verify request.
    • Solution - The sender may cancel the Verify request at any point before the recipient validates the code.
  • Alternative - The code validity expires.
    • Solution - E-goi marks the request as expired.
  • Alternative - The recipient submits the wrong code.
    • Solution - E-goi waits for the correct code (until the request expires).

2FA Events

Enabling 2FA

You can send a request using E-goi’s Transactional Service, which sends a validation code to a number (eg. 351-910000000). We then receive a “requestId” in response to the request. The mobile number owner will have to provide the code received. You can then verify whether the validation code is valid by using it alongside “requestId”.

1. Send the 2FA request to +351910000000 and get the corresponding answer.

Payload Example:

{
	"apikey": "<your hash api key>",
	"number": "351-910000000",
	"senderHash": "<your sender hash>",
	"codeType": "numeric", // numeric, alpha, alphanumeric, hex
	"codeSize": "4",
	"group": "2FA",
	"codeTTL": "60", // 60 seconds
	"message": "Message text: {CODE}" // The text must contain {CODE}
}

Answer Payload Example:

{
  "requestId": "bcc3f46527d44408b434ebc24c229a49",
  "status": "Ok"
}

2. Your customer must then save the requestId and ask the recipient of the SMS for the code received.

3. Send the validation code and the respective “requestID “(code used for this example: 1234)

Payload Example:

{
  "apikey": "<your hash api key>",
  "requestId": "bcc3f46527d44408b434ebc24c229a49",
  "code": "1234"
}

Answer Payload Example:

{
  "requestId": "bcc3f46527d44408b434ebc24c229a49",
  "status": "Verified" // Verified, Expired, Already_Verified
}
Products API Marketing API Transactional API Track&Engage
Use Cases Integrations Partner Agencies Program
Terms and Conditions Help