Two-Factor Authentication REST API

Request Code

Request Code

The requesting of a code requires some data to be passed to the API. Having successfully done this, the code will be sent to the destination number required in the request body. The request is encoded in JSON.

The table below will represent a level, starting with the outermost one.

Legend for “Optional” column:

N → No;

Y → Yes;


Request Body


Key Type Optional Description
client_ref String N No default value.


It is used to serve as a unique identification for you.
This will be echoed back via the request sent to the callback_url. Has to be URL safe. Maximum 255 characters.

phone_number String N No default value.


The destination number to where the SMS holding the code should be sent. The number should consist of the prefix & phone number (no spaces).

code_length Integer Y Defaults to 6. Maximum 20.


The length of the code to be generated.

code_type String Y Defaults to numeric.


The type of code to be generated. It accepts “numeric”, “alpha” & “alphanumeric”. If incorrect format is entered, the default value will be used.

case_sensitive Boolean Y Defaults to false.


Whether the code should be case sensitive or not. If false, the case sensitivity would not be noted when validating, if true, code for validation needs to be entered case sensitive.

callback_url String Y Defaults to empty.


The URL to which the API should send an extra response status to.

sender_id String Y The sender id to be shown when the message is sent to the client. If provided this will override the default sender id found in the authorization token. Max characters for numeric is 15 & alphanumeric is 11.
message_template String Y Default value ‘Your authentication code is: {#TFA_CODE}’.

The text that should appear in the message the client receives.
It is mandatory that ‘{#TFA_CODE}’ is included in this string. This placeholder will then be replaced with the generated code.
Total length of the message cannot exceed 1 SMS.


Get Started