Vonage

Verify users by reaching their mobile device with SMS or voice codes: easily adding a layer of security. We designed the Verify API to make it simple to implement. Your application simply gives us a phone number and we take care of the rest. We've got you covered for SMS, voice, and SMS to voice failover scenarios. We even make sure the messages comply with local regulations so they are not filtered by the carriers. Our comprehensive backend provides the secure code and identity management capabilities, all behind a simple to use API.

Our many direct-to-carrier relationships around the world, combined with our proprietary Adaptive Routing algorithm, allow us to work in real-time to find the best routes for your messages. Add to that our Compliance Engine, which knows how and when to deliver messages according to country and carrier requirements, and you have the industry’s highest deliverability rates.

You can send multi-factor authentication (MFA) text messages using the Vonage (previously Nexmo) SMS API. Vonage provides an SMS API that can be used by Auth0 to deliver multi-factor verification via text messages. To learn more, see Vonage's SMS API Overview.

Note: The following steps will add text-message-based MFA to the login flow for the tenant in which you're working. We highly recommend testing this setup on a staging or development server before making the changes to your production login flow.

Prerequisites

Before you begin:

• Make sure you have an Auth0 account and tenant. Sign up for free.

Set up the partner application

To configure your integration with Vonage:

• Sign up with Vonage and complete your profile and confirmation steps.
• Go to the SMS API screen of the Vonage dashboard and test the API with a test number. Once you've successfully tested the SMS API and can receive a text message, you're ready to integrate with Auth0.

Add the Action

1. Select Add Integration (at the top of this page).
2. Read the necessary access requirements and click Continue.
3. Configure the integration using the following fields:

• Vonage API Key
• Vonage API Secret
• From Number - The phone number from which the SMS message will be sent

1. Click Create to add the integration to your Library.
2. Click the Add to flow link on the pop-up that appears.
3. Drag the Action into the desired location in the flow.
4. Click Apply Changes.

Activate custom SMS factor

To use the SMS factor, your tenant needs to have MFA enabled globally or required for specific contexts using rules. To learn how to enable the MFA feature, see:

• Enable MFA
• Customize MFA

The last steps are to configure the SMS Factor to use the custom code and test the MFA flow. Note: Once you complete the steps below, Auth0 will begin using this factor for MFA during login. Before activating this integration in production, please make sure you have configured all components correctly and verified on a test tenant.

1. Go to Dashboard > Security > Multi-factor Auth and click the Phone Message factor box.
2. In the modal that appears, select Custom for the delivery provider, then make any adjustments you'd like to the templates. Click Save when complete, and close the modal.
3. Enable the SMS factor using the toggle switch to begin using this factor.

Test MFA flow

Trigger an MFA flow and verify that everything works as intended.

Troubleshoot

If you do not receive the text message, look at the tenant logs. Look for a failed SMS log entry. To learn which event types to search, see the Log Event Type Code list, or you can use the Filter control to find MFA errors.

Make sure that:

• The Action is in the Send Phone Message flow.
• The secrets are the same ones you created in the steps above.
• Your Vonage account is active (not suspended).
• Your phone number is formatted using the E.164 format.
• Check the Vonage SMS API logs for a sent message and check its status.