Docs menu
MENU

Setting Up SMS Account Verification with Twilio

As a part of the verification during the signup procedure, SMS account activation is designed to prevent fake signups. Simultaneously, it encourages real users to upgrade their accounts to billing instead of creating another trial one after the provided free trial period has expired.

Note: SMS verification becomes operable only in case the mandatory account activation is already enabled, so make sure you’ve performed the necessary configurations beforehand.

In order to have an opportunity to use this activation type, you are required to preliminary set up the appropriate messaging tool, intended to automatically send authorization SMS notifications. As an example for this guide, we’ll use Twilio (however, you can configure any other preferred service in a similar way). It provides many features, like using a custom name as the sender ID instead of the phone number, support of non-English character sets, tracking message status in real-time, etc.

So, to accomplish the required configurations for enabling the additional SMS verification during signup, you’ll need to perform the following steps:

Purchase a Phone Number

1. First of all, navigate to the Twilio website and either Sign up for a new account or just Log in (if you already have one) with the appropriate button.

Twilio log in

2. Once inside your account console, navigate to the All Products & Services > Phone Numbers section through the left-side menu.

Twilio phone number

3. Then, switch to the Buy a Number tab.

Twilio buy number

Here, you need to specify the required search options to find a phone number that will satisfy your needs:

  • Country - select the preferred region with enabled SMS capability and without Domestic SMS only restriction (to check the latter option state, find the chosen country within either the Dual Functionality or SMS Enabled Only section of the Twilio phone numbers capabilities list)
    SMS enabled number

    Tip: We recommend purchasing US numbers as commonly available and the most cost-efficient ones.

  • Number/Location - optionally, enter the required search parameters (e.g., specific digits or area code) or leave this field blank. Search over Location is available for the US and Canada only.
  • Capabilities - obligatory tick the SMS option

When all the options are defined, select Search to output the list of 10 suitable random numbers.

4. Click the Buy button next to the preferred number.

buy preferred number

5. Within the appeared pop-up window, review the number parameters and click the Buy This Number button to confirm the purchase.

confirm purchase

In a moment this phone number will appear on your Manage Numbers list.

6. Lastly, to ensure global service availability, go to the Programmable SMS > Settings > Geo Permissions page and tick all countries within the list, making registration possible for any user throughout the world (use common check-boxes next to the world part names to accomplish this faster).

Geo permissions

Note: If deliberately limiting the area your Public Cloud platform could be used, be aware of possible complaints and a decrease in your platform ranking within the Cloud Union catalog. Also, all related issues with registration will have to be handled on your side.

Now, after you’ve got the suitable number, proceed with adjusting the appropriate SMS verification control script.

Configure Script

Now, you need to adjust a dedicated platform script, which is responsible for sending the appropriate SMS messages to the newly registered users, with the acquired number and your messaging tool credentials.

Note: By default, our script is configured to work with the above-mentioned Twilio tool, thus, if using any other SMS-sending service, you’ll need to adjust or rewrite the /home/hivext/scripts/sendsms script at first.

1. All the SMS-sending script configurations are provided in the /home/hivext/scripts/sendsms.conf file. Access your hardware node via SSH and edit it on all HCore containers (i.e., search for the ones with a hcore1, hcore2, etc. in hostname). In the opened file, obligatory specify the following parameters:

  • CALLERID=’{phone_number}’ - the previously purchased number; can be found within the Numbers > Twilio Numbers section
  • SID="{Twilio_SID}" - your Twilio account security identifier from the Settings > General frame (circled in the image below)
  • TOKEN="{Twilio_token}" - security authentication token, located under the previously specified SID (to see its value, click on the eye button to the left)

Twilio token

2. Optionally, the configuration file can include settings for the fraud phone number filters. If needed, add the following parameters:

  • LOCAL_DB="{path}" – path to the local file with disposable phone numbers (one number per line)
  • LOCAL_CHECK={0|1} – enable (1) or disable (0) numbers check using the local database

Tip: You can use the GitHub list as a source for your local database:

1

curl https://raw.githubusercontent.com/iP1SMS/disposable-phone-numbers/master/number-list.json 2>/dev/null | sed -r -e '/\{/d' -e '/\}/d' -e 's/\s+"([^"]+)":.*/\1/g' > numbers.txt
  • TWILIO_CHECK={0|1} – enable (1) or disable (0) check with the Twilio Lookup API to filter out phone numbers based on the line type intelligence

Note: This check will add an extra charge per request - see the Lookup API Pricing for the line type intelligence.

  • TWILIO_ALLOWED_LTI=("{type1}" “type2” “typeN”) – list of the allowed line types

For example:

1
2
3
4
5
6
7

CALLERID='+1 (234) 567-8900'
SID="ACd1bed49xxxxxxxxxxxxad07d3b8c0d83"
TOKEN="7a6380dbfxxxxxxxxxxxxf993d0e0623"
LOCAL_DB="/home/hivext/scripts/numbers.txt"
LOCAL_CHECK=1
TWILIO_CHECK=0
TWILIO_ALLOWED_LTI=("mobile" "fixedVoip" "personal" "premium" "sharedCost" "unknown")

After the mentioned parameters are specified, don’t forget to save the changes applied to the script.

3. Additionally, you can customize the localization of the message as follows:

1
2
3

LANGS_AVAIL=("en", "ua")
GREETINGS_EN="Virtuozzo Application Management account activation code:"
GREETINGS_UA="Код для активації акаунта Virtuozzo Application Management:"

Note: The list of supported languages on the platform is specified via the AVAILABLE_LANGS system settings.

4. In order to check everything is configured properly, you can execute this script manually, right from the container:

1

/home/hivext/scripts/sendsms -n {phone_number} -c {activation_code} -l {language}

Here, the highlighted parameters should be substituted with the following values:

  • -n {phone_number} - mobile phone number the SMS should be sent to
  • -c {activation_code} - the preferred activation code of 4 digits (for example 4545)
  • -l {language} - SMS notification language, stated with the ISO 639-1 format (herewith, the exact message text for every used language is defined within the script’s GRETINGS_lang parameter)

In response to this, a JSON object with the result property will be received.

console result

The result should be equal to 0 (as underlined above) - this means that the SMS has been sent successfully, so you can make sure it matches the input properties. Otherwise, you need to recheck the settings within your sendsms script to be specified properly.

If everything is OK here, you can navigate to the admin panel to enable SMS verification and configure its parameters on the platform side.

What’s next?