Multi-Factor Authentication User Guide
To get started, please read and familiarize yourself with the Syniverse Multi-factor Authentication Service offering Overview and API resource documents.
Prerequisites
To be able to use the Syniverse Multi-Factor Authentication service following items need to be completed:
- Signup to a Company in Syniverse Developer Community
- Subscription to the Multi-Factor Authentication Service
- Account in Syniverse Developer Community with funds
Related Services
Syniverse Multi-Factor Authentication service is a standalone solution, but does require other services to complete the solution. For delivery of token to end-users, Syniverse offers the option of integrating with a Voice API (Text-to-Speech), SMS or Push Notification API.
Quick Start Guide
After login to the Syniverse Developer Community, proceed to subscribe to the MFA service offering by following the instructions below:
- Click "Service Offerings" menu
- Click Multi-Factor Authentication Service Offering
- Expand "Subscriptions" menu
- Click "Subscribe..." and select "Initial account for [Your username]"
- Accept Terms of Service
- Click
- Verify that your "Initial account for [Your username]" is listed in Subscriptions
- Click "Applications" menu
- Click "New application" button
- Give your Application a name and description, click save
- Click gear icon next to your app name and select "Edit"
- Expand "Account & APIs" menu
- Select the "Initial account for [Your username]" from drop down menu
- Turn "MFA" and "Whitelisting Services" On
- Expand "Auth Keys"
- You can Re-Generate the Access token (optional)
- Copy and store keys in a safe place
- Click "Save"
- Hover over "Your Name" on top right corner
- Click "Company"
- You can give your Company a name (Optional)
- Scroll down and Click "Whitelist" tab (Whitelisting is required for the numbers you intend to send to using the Initial Account)
- Click "Add phone number"
- Enter your mobile number and click "Send confirmation code"
- Enter the code you received as an SMS
- Click "Add"
Now you are ready to use the MFA service.
Syniverse Multi-factor authentication service APIs can be used to Create a MFA app and users, Associate a mobile user, Validate the user and thereafter authenticated those registered users against your applications. Tokens generated for authenticating users can be delivery via SMS, Voice (Text to Speech) or via Push notification delivery service.
To invoke the MFA service using SMS token Delivery, Customers will need a Sender ID (Shortcode) or if recipients are in US, may use a default Public channel provided by Syniverse.
To execute a MFA call, Customers will need to have the following information ready:
- MFA Base URL: https://api.syniverse.com/scg-external-api/api/v1
- A Channel ID or a Sender ID. Syniverse provides a Public Channel ID for your convenience. Please note that if you are Authenticating user outside of the US, a Private Sender ID (Longcode/shortcode) is required.
- Bearer Token: This is your Access token that is generated with your registered application.
Using your application, below are the sequence of events to perform a MFA:
1. Create MFA application with public channel or Sender ID
curl -X POST -H "Authorization: Bearer TOKEN" -H "Content-Type: application/json" -d '{"name":"TEST_MFA_PROD_Sample","description":"TEST_MFA_PROD_Sample_DESC","auth_code_length":6, "auth_token_type":"NUMERIC","auth_token_validity_duration":"600","message_from":"channel:gqKlekr-S22CJul_aE4XFQ"}' https://api.syniverse.com/mfa/v1/applications
2. Associate a user:
This associates a user’s mobile number with the application that was created
curl -X POST -H "Authorization: Bearer TOKEN" -H "Content-Type: application/json" -d '{"display_name":"TEST_MFA_PROD_Sample", "address":"+14085551212"}' https://api.syniverse.com/mfa/v1/applications/XkpeXN1wkJK4ay0wKcwvC1/users/Kola/associate
3. Validate a user
This validates that the user’s mobile number is authenticated with your application
curl -X POST -H "Authorization: Bearer TOKEN" -H "Content-Type: application/json" -d '{"validation_code":"962985"}' https://api.syniverse.com/mfa/v1/applications/XkpeXN2wkJK4ay0wKcwvC1/users/kola/validate
4. Login start
This is the subsequent call made to authenticated the user anytime they log in to your application.
curl -X POST -H "Authorization: Bearer TOKEN" -H "Content-Type: application/json" -d '{"display_name":"TEST_MFA_PROD_Sample"}' https://api.syniverse.com/mfa/v1/applications/XkpeXM1wkJK4ay0wKcwvC1/users/kola/login_start
For more information on how to use the resources, please check out the API resource document