How to Send Voice OTP on a Phone Call in Node.js Using Express and Plivo

How to Send Voice OTP on a Phone Call in Node.js Using Express and Plivo

You can authenticate a phone number by delivering a one-time password (OTP) via a phone call. To do this, you call the number and read a sequence of digits to the recipient via text-to-speech. To verify the number, the user needs to confirm the digits by entering them using the phone’s keypad.

Developers commonly use voice OTP to verify new user registrations, online transactions, and login sessions in an app or website. In this blog post, we walk you through a sample implementation of sending a voice OTP using the Plivo Voice platform and PHLO, our visual workflow builder. Plivo’s direct carrier connectivity and intelligent routing engine guarantee the best call connectivity and quality.


Before you get started, you’ll need:

  • A Plivo account — sign up for one for free if you don’t have one already.
  • A voice-enabled Plivo phone number if you want to receive incoming calls. To search for and buy a number, go to Phone Numbers > Buy Numbers on the Plivo console.
Buy a New Plivo Number
  • Express and Plivo Node packages — run npm install plivo express to install them.
  • ngrok — a utility that exposes your local development server to the internet over secure tunnels.

Create a PHLO to send OTP via phone call

PHLO lets you construct your entire use case and build and deploy workflows visually. With PHLO, you pay only for calls you make and receive, and building with PHLO is free.

To get started, visit PHLO in the Plivo console and click on Create New PHLO. On the Choose your use case window, click Build my own. The PHLO canvas will appear with the Start node. Click on the Start Node, and under API request fill in the Keys as from, to, and otp, then click Validate. From the list of components on the left-hand side, drag and drop the Initial Call component onto the canvas and connect the Start node with the Initiate Call node using the API Request trigger state.

Configure the Initiate Call node with the using the From field and in the To field. Once you’ve configured a node, click Validate to save the configuration. Similarly, create a node for the Play Audio component and connect it to the Initiate Call node using the Answered trigger state. Next, configure the Play Audio node to play a specific message to the user — in this case, “Your verification code is <otp>.” Under Speak Text, click on Amazon Polly and paste the following:

<Speak voice="Polly.Amy">
    <prosody rate="medium">
        Your verification code is
    <say-as interpret-as="spell-out">{{Start.http.params.otp}}</say-as>

Click Validate to save.

Connect the Initiate Call node with the Play Audio node using the Answered trigger state. After you complete the configuration, provide a friendly name for your PHLO and click Save.

Use the PHLO in a Express application

Now you can use the PHLO in a Node.js express application by following the below steps:

  • Create a project directoryand change into it.
  $ mkdir mynodeapp
  $ cd mynodeapp
  • Install the Plivo SDK using npm.
  $ npm install plivo
  • Install other modules.
  $ brew install redis
  $ npm install redis
  $ npm install express

Run the PHLO to send OTP via phone call

Now you can trigger the PHLO and test it out. Copy the PHLO ID from the end of the URL of the workflow you just created. You’re also going to need your Auth ID and Auth Token. Create a Node.js source code file — let’s call it trigger_phlo.js — and paste into it this code.

const express = require('express');
const app = express();
const redis = require('redis');
const redisClient = redis.createClient();
var plivo = require('plivo');

// Make call to the destination number with OTP.
app.get('/dispatch_otp/:number', function(req, res) {
    const number = (req.params.number);
    const code = Math.floor(100000 + Math.random() * 900000);

    var client = new plivo.Client("<auth_id>", "<auth_token>");
    var response = client.calls.create(
        "+14151234567", // from
        number, // to
        "" + code, // answer url
            answerMethod: "GET",
    redisClient.set(`number:${number}:code`, code, 'EX', 60);
        'status': 'success',
        'message': 'verification initiated'

// Validate the OTP entered by the user.
app.get('/verify_otp/:number/:code', function(req, res) {
    const number = (req.params.number);
    const code = (req.params.code);
    redisClient.get(`number:${number}:code`, function(err, OriginalCode) {
        if (OriginalCode == code) {
                'status': 'success',
                'message': 'codes match! number verified'
        } else if (OriginalCode != code) {
                'status': 'failure',
                'message': 'codes do not match! number not verified'
        } else {
                'status': 'failure',
                'message': 'number not found!'


Substitute actual values for <auth_id>, <auth_token>, and <PHLO_ID>. Save the file and run it.

$ node trigger_phlo.js

Boom — you’ve made an outbound call with the OTP as a text-to-speech message.

Simple and reliable

And that’s all there is to send OTP via a phone call using Plivo’s Node.js SDK. Our simple APIs work in tandem with our comprehensive global network. You can also use Plivo’s premium direct routes that guarantee the highest possible delivery rates and the shortest possible delivery times for your 2FA SMS and voice messages. See for yourself — sign up for a free trial account.

footer bg

Subscribe to Our Newsletter

Get monthly product and feature updates, the latest industry news, and more!

Thank you icon
Thank you!
Thank you for subscribing
Oops! Something went wrong while submitting the form.