OTP/Mobile verification
In addition to sending SMS, Textbelt automates one-time password (OTP) and mobile verification use cases.
There is no extra charge for sending and verifying OTPs compared to sending normal SMS. For this reason, Textbelt is very cost-effective compared to other solutions.
The https://textbelt.com/otp/generate HTTP POST endpoint will create a one-time code and send it to the user's phone.
The /otp/generate endpoint requires the following parameters:
phone: A phone number. If you're in the U.S., you can just send a normal 10-digit phone number with area code. Outside the U.S., it is best to send the phone number in E.164 format with your country code. For example, a British phone number is +447712345678.
userid: An id that is unique to your user. This can be any string.
key: Your Textbelt API key (use
example_otp_keyto test).
Optional parameters:
message: The content of your SMS. Replaces the default message "Your verification code is XXX". Use the $OTP variable to include the OTP in your message.
lifetime: Determines how many seconds the OTP is valid for. Defaults to 180, or 3 minutes.
length: The number of digits in your OTP. Defaults to 6.
Here are basic examples that use only the required parameters:
curl -X POST https://textbelt.com/otp/generate \--data-urlencode phone='5555555555' \--data-urlencode userid='myuser@site.com' \-d key=example_otp_key
Using the popular requests library:
import requests​resp = requests.post('https://textbelt.com/otp/generate', {'phone': '5555555555','userid': 'myuser@site.com','key': 'example_otp_key',})print(resp.json())
require 'net/http'require 'uri'​uri = URI.parse("https://textbelt.com/otp/generate")Net::HTTP.post_form(uri, {:phone => '5555555555',:userid => 'myuser@site.com',:key => 'example_otp_key',})
Using the popular request library:
const request = require('request');request('https://textbelt.com/otp/generate', {body: {phone: '5555555555',userid: 'myuser@site.com',key: 'example_otp_key',},})
Using the browser Fetch API and a CORS request:
fetch('https://textbelt.com/text', {method: 'post',headers: { 'Content-Type': 'application/json' },body: JSON.stringify({phone: '5555555555',userid: 'myuser@site.com',key: 'example_otp_key',}),}).then(response => {return response.json();}).then(data => {console.log(data);});
$ch = curl_init('https://textbelt.com/otp/generate');$data = array('phone' => '5555555555','userid' => 'myuser@site.com','key' => 'example_otp_key',);​curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);​$response = curl_exec($ch);curl_close($ch);
using System;using System.Collections.Specialized;using System.Net;​using (WebClient client = new WebClient()){byte[] response = client.UploadValues("http://textbelt.com/text", new NameValueCollection() {{ "phone", "5555555555" },{ "userid", "myuser@site.com" },{ "key", "example_otp_key" },});​string result = System.Text.Encoding.UTF8.GetString(response);}
Using the popular Apache HttpComponents library:
final NameValuePair[] data = {new BasicNameValuePair("phone", "5555555555"),new BasicNameValuePair("userid", "myuser@site.com"),new BasicNameValuePair("key", "example_otp_key")};HttpClient httpClient = HttpClients.createMinimal();HttpPost httpPost = new HttpPost("https://textbelt.com/otp/generate");httpPost.setEntity(new UrlEncodedFormEntity(Arrays.asList(data)));HttpResponse httpResponse = httpClient.execute(httpPost);​String responseString = EntityUtils.toString(httpResponse.getEntity());JSONObject response = new JSONObject(responseString);
import ("net/http""net/url")​func main() {values := url.Values{"phone": {"5555555555"},"userid": {"myuser@site.com"},"key": {"example_otp_key"},}​http.PostForm("https://textbelt.com/text", values)}
$body = @{"phone"="5555555555""userid"="myuser@site.com""key"="example_otp_key"}$submit = Invoke-WebRequest -Uri https://textbelt.com/text -Body $body -Method Post
Include optional parameters to customize your OTP:
curl -X POST https://textbelt.com/otp/generate \--data-urlencode phone='5557727420' \--data-urlencode userid='myuser@site.com' \--data-urlencode message='Nuclear launch code: $OTP! Use it to login.' \-d lifetime=120 \-d length=4 \-d key=example_otp_key
The /otp/generate endpoint returns a JSON response with the following attributes:
success: Whether the otp was successfully sent.
textId:The ID of the text message sent, so you can track its delivery. Use this to check SMS delivery status.
quotaRemaining: The amount of credit left on your key.
otp: The one-time verification code sent to the user.
Here's an example API response from the OTP generation endpoint /otp/generate:
{"success": true, "textId": "1234", "quotaRemaining": 70, "otp": "672383"}
Here's an example response when you are out of SMS credits or used an invalid key in your request:
{"success": false, "quotaRemaining": 0, "otp": ""}
Once you've sent the one-time code, your user will enter a code on your website or application. You can use Textbelt to confirm that the code is valid.
This is done via HTTP GET request to the /otp/verify endpoint. Supply the following parameters:
otp:The code entered by the user.
userid: The ID of the user. Should match the id that you used in the prior
/otp/generatestep.key: Your Textbelt API key.
Here's an example URL:
https://textbelt.com/otp/verify?otp=123456&userid=myuser@site.com&key=example_otp_key
You can request it via a simple HTTP GET request in any language of your choosing:
user_entered_code=12345userid=myuser@site.comkey=example_otp_key​curl "https://textbelt.com/otp/verify?otp=${user_entered_code}&userid=${userid}&key=${key}"
The response contains the following:
success: Whether the request was successfully received and processed. True or false.
isValidOtp: Whether the OTP is correct for the given userid. True or false.
Use isValidOtp to decide whether to let the user into your app!
Here's an example response for a valid OTP:
{"success": true, "isValidOtp": true}
Here's an example response for an invalid OTP:
{"success": true, "isValidOtp": false}
OTP keys are the same as normal Textbelt keys. This means you can mix and match your quota to send OTPs and normal text messages. Create an API key to start sending and receiving SMS.