Phone Verification

Personal users must provide proof of ownership of one of their registered phone numbers. This is an important step since sensitive information may be sent to this phone number such as 2FA tokens and also for compliance purposes.

The phone verification process may be initiated by requesting an SMS message containing a validation token be sent to one of the user's registered phones.

const userId = "e6169f9b-6a8d-4f30-9778-1b74d457616e";
const phoneId = "ccb3f57b-b903-4a77-a7a5-11303e1e0c16";

// Sends SMS with a verification code
await bitcapital.phones().sendVerificationToken(userId, phoneId);
curl --location --request POST 'https://instance-url.btcore.app/consumers/9fcd5ded-2413-422a-8cc8-1d9ad332be5b/phones/17b5a29b-379d-4173-afe9-18b938c22362/send-token' \
--header 'Authorization: Bearer 0000000000000000000000000000000000000000'\
--header 'Content-Type: application/json'

The response of the request will include the timestamp at which the token will expire, as well as a cool down period during which you will not be able to generate a new token.

The token should be verified exactly as it was sent, an uppercase char, a hyphen followed by a 6 digits numeric code. In your UI, when the user input the code it received, you can verify the phone using the method below.

const token = "A-123456";

// Send the verification token to activate phone in the platform
await bitcapital.phones().verify(userId, phoneId, token);
curl --location --request POST 'https://instance-url.btcore.app/consumers/158ddfde-f482-4c45-849c-01bb9d1fafcf/phones/18fc7e1b-78ae-4b8e-b452-d8491da6c383/verify' \
--header 'Authorization: Bearer 0000000000000000000000000000000000000000'\
--header 'Content-Type: application/json' \
--data-raw '{
    "token": "4670"
}'

In case of time expiration, you may request a new code repeating the same steps shown above.


Did this page help you?