Auth0 solves the most complex and large-scale identity use cases for global enterprises with their extensible and easy-to-integrate platform, securing billions of logins every year. Using Plivo’s Messaging platform and Auth0 you can send SMS messages to send multi-factor verification codes via text messages. This integration will add SMS-based MFA to the login flow for the tenant in which you’re working.
To start using Plivo with Auth0, you’ll need
Plivo provides an SMS messaging service that Auth0 can use to deliver multi-factor verification via SMS messages. The following steps will enable you to add SMS-based MFA via the Plivo SMS API to the login flow for the tenant in which you’re working.
The following steps will add text-message-based MFA to the login flow for the tenant in which you're working. We highly recommend testing this setup on a staging or development server before making the changes to your production login flow.
Capture the authorization ID and authorization token from the Account and Payments section in the Plivo console.
To integrate Auth0, first sign up for an account. Add an Action (a triggerable function), then integrate it with your authentication flow.
Go to Actions > Library and select Add Integration.
Read the necessary access requirements and click Continue.
Configure the integration by filling in the fields on the next screen with your Plivo Auth ID and Auth Token and your Plivo phone number.
Click the Add to flow link on the pop-up that appears.
Drag the Action into the flow.
Before you can use SMS as an authentication factor, your Auth0 tenant needs to have MFA enabled globally or for specific contexts. You can then configure the SMS factor to use your custom code.
Go to Dashboard > Security > Multi-factor Auth and click the Phone Message factor box. In the modal that appears, select Custom for the delivery provider, make any adjustments you’d like to the templates, then click Save and close the modal. Finally, enable the SMS factor using the toggle switch.
Auth0 will immediately begin using this factor for MFA during login. Before you activate your integration in production, make sure you’ve configured all of the components correctly and verified everything on a test tenant.
Navigate to the Authentication section in the Auth0 Manage Dashboard, choose your Connection, then select Try from the connection’s dropdown menu to verify that everything works as intended.
You can then log into your Plivo account to verify that SMS messages are indeed being sent.
If you don’t receive an SMS message as expected, look in your tenant logs for a failed Phone Message log entry. To learn which event types to search, see the Log Event Type Code list. You can use the Filter control to find MFA errors.
Make sure that: