Two-Factor Authentication with Messaging

Two-Factor authentication with Bandwidth Messaging services

⚠️ Your account must be activated to use the MFA product. Please contact sales support to learn how to get access!

Request URL


Basic Authentication

Bandwidth's Voice API leverages Basic Authentication with your Dashboard API Credentials. Read more about how Bandwidth secures endpoints in the Security & Credentials document.

Supported Parameters

Parameter Required Description
to Yes The phone number the message should be sent to (must be in E.164 format, like +19195551212).
from Yes One of your telephone numbers from which the message should come from. This number must be associated with the messaging application given by the applicationId parameter.
applicationId Yes The messaging application Id.
scope No An optional field to denote what scope or action the 2fa code is addressing. If not supplied, defaults to "2FA".
message Yes The message format of the 2fa code. There are three values that the system will replace "{CODE}", "{NAME}", "{SCOPE}". The "{SCOPE}" and "{NAME}" template values are optional, while "{CODE}" must be supplied. As the name would suggest, "{CODE}" will be replaced with the actual 2fa code. "{NAME}" is replaced with the application name, configured during provisioning of 2fa. The "{SCOPE}" value is the value of the scope parameter. The value of this parameter is limited to 2048 characters.
digits Yes The number of digits for your 2fa code. The valid number ranges from 4 to 8, inclusively.
callbackUrl No The URL to send messaging callbacks to. Callbacks are in Bandwidth Messaging Callback format. Additional information can be accessed here. Example: callbackUrl=""

Response Attributes

Property Description
messageId The Id of the message sent via the Messaging API.

Example 1 of 1: Authenticate with Messaging

curl -X POST \
    --url "{accountId}/code/messaging" \
    -u '{username}:{password}' \
    --data-raw '
        "to"            : "+12345678902",
        "from"          : "+12345678901",
        "applicationId" : "93de2206-9669-4e07-948d-329f4b722ee2",
        "scope"         : "scope",
        "digits"        : 5,
        "message"       : "Your temporary {NAME} {SCOPE} code is {CODE}",
        "callbackUrl"   : ""

The above command returns a JSON Response structured like this:

Status: 200
Content-Type: application/json; charset=utf-8

  "messageId": "1256-adf14asd-52dfa"
var response = controller.CreateMessagingTwoFactor(accountId, new TwoFactorCodeRequestSchema
    ApplicationId = applicationId,
    From = fromNumber,
    To = toNumber,
    Scope = "scope",
    Digits = 5,
    Message = "Your temporary {NAME} {SCOPE} code is {CODE}"

Console.WriteLine( response.Data.MessageId );
TwoFactorCodeRequestSchema request = new TwoFactorCodeRequestSchema();
request.setMessage("Your temporary {NAME} {SCOPE} code is {CODE}");

ApiResponse<TwoFactorMessagingResponse> response = controller.createMessagingTwoFactor(accountId, request);

System.out.println( response.getResult().getMessageId() );
application_id = messaging_application_id

body =
body.from = from_phone = to_phone
body.application_id = application_id
body.scope = 'scope'
body.digits = 5
body.message = "Your temporary {NAME} {SCOPE} code is {CODE}"

auth_client.create_messaging_two_factor(account_id, body)
application_id = messaging_application_id
body = TwoFactorCodeRequestSchema(
    mfrom = from_phone,
    to = to_phone,
    application_id = messaging_application_id,
    scope = 'scope',
    digits = 5,
    message = "Your temporary {NAME} {SCOPE} code is {CODE}"
response = auth_client.create_messaging_two_factor(account_id, body)
message_id = response.body.message_id
import { Client, MFAController } from '@bandwidth/mfa';

const BW_USERNAME = process.env["BW_USERNAME"];
const BW_PASSWORD = process.env["BW_PASSWORD"];
const BW_ACCOUNT_ID = process.env["BW_ACCOUNT_ID"];
const fromNumber = process.env["BW_NUMBER"];
const toNumber = process.env["USER_NUMBER"];

const client = new Client({
  basicAuthUserName: BW_USERNAME,
  basicAuthPassword: BW_PASSWORD

const controller = new MFAController(client);

const payload = {
  from: fromNumber,
  to: toNumber,
  scope: 'scope',
  digits: 5,
  message: "Your temporary {NAME} {SCOPE} code is {CODE}"

const msgTwoFactor = async function() {
  try {
    const response = await controller.messagingTwoFactor(BW_ACCOUNT_ID, payload);
    console.log(JSON.stringify(response, null, 2));
  } catch (error) {

$scope = 'scope';

$body = new BandwidthLib\TwoFactorAuth\Models\TwoFactorCodeRequestSchema();
$body->from = $fromPhone;
$body->to = $toPhone;
$body->applicationId = $messagingApplicationId;
$body->scope = $scope;
$body->digits = 5;
$body->message = "Your temporary {NAME} {SCOPE} code is {CODE}";

$authClient->createMessagingTwoFactor($accountId, $body);

results matching ""

    No results matching ""